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'Bused  on  the  SPECint®  rate2000  benchmark  test  performed  by  Dell  Labs  in  July  2005  on  a  PowerEdge  2850.  dual  2.80GHz  w/2MB  cache  Dual-Core  Intel  Xeon  Processors 
us  T  ampered  to  a  similarly  configured  PowerEdge  2850  with  dual  3.60<iHz  w/2MB  cache  single-core  Intel  Xeon  Processors.  Actual  performance  will  vary  based  on 
configuration,  usage  and  manufacturing  variability. 

I  mnot  be  responsible  for  errors  in  typography  or  photography.  Doll,  the  Dell  logo  and  PowerEdge  are  trademarks  of  Dell  Inc.  Intel,  Intel  Inside,  the  Intel  Inside  logo,  and 
con  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©  2005  Dell  Inc.  All  rights  reserved. 


DUAL-CORE  INTEL®  XEON™  PROCESSORS 
FOR  OUTSTANDING  PERFORMANCE  ARE 
FEATURED  ON  DELL™  POWEREDGE™  1850, 
2800, 2850, 1855,  AND  THE  4-SOCKET  6800 
AND  6850  SERVERS. 


DELLS  EASY  TO  DEPLOY 

MULTI-CORE  TECHNOLOGY. 

Get  up  to  a  53%  gain  in  performance* with 
Dual-Core  Intel®  Xeon™  Processors  in  Dell™ 
PowerEdge™  Servers.  Working  with  your 
existing  Intel®  Xeon™  architecture  greatly 
reduces  the  number  of  system  images 
for  easier  deployment  and  management. 
It's  the  right  technology  at  the  right  time. 


Click  www.dell.com/power26 
Call  (toll  free)  1.866.212.9333 


★★★★ 

PERFORMANCE. 

HASSLE-FREE 

MULTI-CORE 

SERVERS. 
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View  the  latest  Websense  Security  Labs  webcast: 

"Six  Degrees  of  Spyware" 
www.websensesecuritylabs.com/webcast 


It's  no  surprise;  employees  are 
often  unaware  of  the  threats  that  put 
the  security  of  their  laptops — and  your 
network — at  risk  every  day. 


Websense  Remote  Filtering  extends  your 
usage  policies  to  the  mobile  workforce, 
keeping  you  protected  from  external 
web  threats  anytime,  anywhere. 


Close  the  security  gap. 

Download  your  free  evaluation  today. 
www.websense.com/remote 


SECURING  PRODUCTIVITY,- 


©  2005  Websense.  Inc  All  nghts  reserved  Websense  is  a  registered  trademark  of  Websense.  Inc  in  the  United  States  and  certain  international  markets. 
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NetworkWorld  ITVideo: 

Geoffrey  Moore:  IT  had  better  mat¬ 
ter!  Moore  talks  about  what's  been 
keeping  the  IT  genie  stuck  in  the 
bottle.  DocFinder:  9832 


NetworkWorld.com  at  10 

Join  us  as  we  look  back  at  the 
events  of  the  past  10  years  in  net¬ 
working  and  tell  us  where  the  net¬ 
work  is  headed.  DocFinder:  9641 


The  Hot  Seat  with  John  Gallant 

Entuity's  Bill  Tracy,  vice  president  of 
product  strategy,  sits  on  the  Hot 
Seat  to  talk  about  what  makes  his 
company's  network  management 
offering  different. 

DocFinder:  9833 

Cool  Yule  Tools  Holiday  Gift  Guide 

We've  reviewed  more  than  100  high- 
tech  products  for  the  home  and 
office  that  you'll  want  to  give  to 
your  friends,  family  or  yourself. 

DocFinder:  9834 


Vortex  2005  Podcasts 

Hear  what  leading  IT  experts  and 
executives  such  as  Ray  Ozzie,  Ann 
Livermore,  Red  Hat  CEO  Matthew 
Szulik  and  more  had  to  say  about 
the  future  of  IT.  DocFinder:  9835 

MSN:  Failing  semigracefiilly 

IT  Borderlands'  Ken  Fasimpaur  offers 
another  edition  of  the  Friday 
Forbidden  Phrase.  This  week's  banned 
IT  term  is  “powered  by,"  which  he 
calls  "a  fine  illustration  of  linguistic 
devolution."  DocFinder:  9836 


Online  help  and  advice 

Goo!  Tools  Daily  Dose 

Senior  Editor  Keith  Shaw  looks  at 
Netgear  giving  more  power  to 
powerline  gear;  Archos  pushing  a 
portable  camcorder  to  podcasters; 
and  Belkin  readying  video  iPod 
cases  and  stands. 

DocFinder:  9540 


attempt  to  corral  the  bits  on  a  CD 
or  DVD  is  simply  ridiculous  given 
today’s  technology  and  culture,  and 
even  more  so  because  physical 
non-network  media  will  become 
effectively  obselete  for  entertain¬ 
ment  content  within  five  years  at 
most.  DocFinder:  9837 


Gibbsblog 

Columnist  Mark  Gibbs  says  digital 
rights  management  software  will 
never  work:  "For  Sony  —  or  any¬ 
one  else  for  that  matter  —  to 


Telework  Beat 

Senior  Editor  Ann  Bednarz  opines  on 
telework  numbers,  gripes  and  digs: 
A  look  at  today's  U.S.  telecom¬ 
muter.  DocFinder:  9838 


Seminars  and  events 

Benchmark  innovations  that  will  be  tomorrow's  best  practices 

Which  innovations  will  have  the  biggest  impact  on  your  network  in  2006?  Find 
out  at  IT  Roadmap  '06:  What's  New,  What’s  Next,  and  What  to  Buy  Now.  Test 
new  solutions  in  application  acceleration,  network  management,  VoIP  wireless 
and  mobility,  RON,  security,  storage  and  network  identity.  Qualify  to  attend  free 
—  and  the  opportunity  to  win  a  42-inch  plasma  TV.  DocFinder:  9839 


BREAKING  NEWS 

Go  online  for  breaking  news  every  day.  DocFinder  1001 

Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder  1002 


What  is  DocFinder? 


We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit  DocFinder 
number  in  the  search  box  on  the  home  page,  and  you’ll 
jump  directly  to  the  requested  information. 


Improving  network  security  and 
performance  is  rarely  as  simple 
as  plugging  in  a  box.  This  time  it  is. 

Spammers  and  hackers  are  gunning  for 
your  network.  Stop  them— and  bandwidth 
waste— with  3Com's  TippingPoint™  Intrusion 
Prevention  System.  Named  Best  Security 

Solution  for  2Q054  by  SC  Magazine ,  our 
plug-and-play,  total-flow  inspection  at 
multi-Gigablt  speeds  ensures  that  the  only 
traffic  on  your  system  is  traffic  you  want 
there.  Learn  more  through  our  white  papers 
available  online  or  by  calling  1-88S-TRUE  IPS. 


TippingPoint 


a  division  of  3Com 


vtippingpoint.com/GetTheDetails 


3Com 

security  — 
VoIP 
wireless 
switching 
routing 
services 

_ J 


•SC  Maga/me  awarded  TippingPoint  Intrusion  Prevention  System,  formerly  known  as  UnityOne.™  Best  Security  Solution  for  2005 
Copyright  ©  2005  3Com  Corporation  All  rights  reserved  3Com  and  the  3Com  logo  are  registered  trademarks  of  3Com  Corporation 
All  other  company  and  product  names  may  be  trademarks  of  their  respective  companies. 
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Blockbuster  video  deal  for  Cisco 

Cisco  nabs  Scientif ic-Atlanta  for  $6.9  billion  to  gain  access  to  consumers’  living  rooms. 


BY  JIM  DUFFY 

Cisco’s  proposed  $6.9  billion 
buyout  last  week  of  Scientific- 
Atlanta  makes  clear  that  the  enter¬ 
prise  network  leader  wants  into 
your  living  room,  too. 

The  planned  takeover  of  the 
cable  TV  set-top  box  giant  paves 
the  way  for  Cisco  to  make  home 
entertainment  and  video  its  next 
$1  billion-a-year  Advanced  Tech¬ 
nology  opportunity 

The  company’s  idea  is  that  Cisco 
is  IP  which  is  the  foundation  for 
next  generation  TV  so  Cisco  is  TV 
“Cisco  has  always  done  well  sell¬ 
ing  routers  to  carriers.  But  they 
haven’t  been  able  to  get  a  real 
strategic  chunk  of  a  provider  net¬ 
work,”  says  Rob  Whiteley,  an  ana¬ 
lyst  at  Forrester  Research.  “The 
push  to  IPTV  is  really  going  to  be 
one  of  the  things  that  gets  them 
there.  Linksys  couldn’t  do  it  alone 
—  it’s  not  enough  of  an  end  de¬ 
vice.  So  this  is  really  an  attempt  to 
marry  that  —  the  really  intelligent 
back  end  with  the  routers,  to  a 


MVideo  is  an 
integral  part  of 
our  strategy  that 
must  be  a  core 
competency,  w 

John  Chambers, CEO,  Cisco 

really  intelligent  front  end,  a  cable 
set-top  box.” 

Analysts  say  Cisco’s  move 
makes  sense. 

“We  believe  TV  content  will 
drive  huge  growth  of  Internet  traf¬ 
fic,  with  implications  for  the  In¬ 
ternet’s  largest  equipment  vendor, 
Cisco,”  states  Anton  Wahlman  of 


investment  firm  Needham  and 
Co.“Cisco  must  better  understand 
video,  quickly’ 

If  you  look  on  your  cable  set-top 
box,  you’re  likely  to  see  Scientific- 
Atlanta’s  logo  or  that  of  Motorola. 
Scientific-Atlanta  also  makes 
head-ends,  hubs,  advanced  en¬ 
coding  devices  and  digital  con¬ 
tent  managers  for  service  pro¬ 
viders.  It  has  installed  about  56 
million  cable  devices  in  the 
United  States,  representing  about 
40%  of  the  market. 

The  acquisition  helps  Cisco 
build  an  end-to-end  portfolio  of  IP 
TV  and  triple  play  —  bundled 
voice,  video  and  data  services  — 
infrastructure  for  service  pro¬ 
viders.  Cisco  already  had  the 
routers,  switches  and  cable 
modem  termination  systems  for 
cable  companies;  it  also  recently 
acquired  DVD  home  entertain¬ 
ment  technology  with  its  pur¬ 
chase  of  KiSS  Technology 

The  buyout  will  give  Cisco  set¬ 
top  boxes  used  to  provide  interac¬ 


tive,  on-demand  digital  TV  for  con¬ 
sumers  and,  when  combined  with 
Cisco’s  Linksys  consumer  network 
portfolio,  a  broadband  router/gate¬ 
way  for  other  residential  entertain¬ 
ment  applications. 

“Video  is  an  integral  part  of  our 
strategy  that  must  be  a  core  com¬ 
petency”  said  Cisco  CEO  John 
Chambers  during  a  Webcast  an¬ 
nouncing  the  acquisition.  “Video 
is  too  valuable  to  do  in  a  partner¬ 
ship  arrangement.” 

The  deal  shows  how  traditional 
suppliers  of  enterprise  network 
equipment  are  looking  to  diversify 

“Consolidation  among  equip¬ 
ment  players  is  intensifying  as 
they  are  faced  with  slower  sales  in 
the  enterprise  market,”  says  Susan 
Kalla,  managing  director  of  tele¬ 
com  and  media  research  at  Caris 
and  Company,  in  a  bulletin  on  the 
acquisition. “Equipment  manufac¬ 
turers  are  looking  to  enter  the 
booming  . . .  consumer  market  for 
digital  television  and  mobile 
video  offerings.” 


Cisco  will  pay  $43  per  share  in 
cash  for  each  share  of  Scientific- 
Atlanta,  and  assume  outstanding 
options.  The  deal  matches  Cisco’s 
previous  largest  acquisition  —  the 
$6.9  billion  purchase  of  metropol¬ 
itan  optical  transport  vendor 
Cerent  in  1999. 

The  acquisition  of  Scientific- 
Atlanta  is  expected  to  close  in 
the  third  quarter  of  Cisco’s  fiscal 
year  2006.  It  has  been  approved 
by  the  board  of  directors  of  each 
company 

Following  the  close  of  the  trans¬ 
action,  Scientific-Atlanta  will  be¬ 
come  a  division  of  the  Routing 
and  Service  Provider  Technology 
Group  under  the  leadership  of 
Cisco  Senior  Vice  President  Mike 
Volpi.  Scientific-Atlanta  CEO  Jim 
McDonald  will  report  to  Volpi. 

Scientific-Atlanta  was  founded 
in  1951.  The  company  has  more 
than  7,500  employees.  For  its  fiscal 
year  2005,  which  ended  July  1, 
Scientific-Atlanta  reported  rev¬ 
enue  of  $1.91  billion.  ■ 


Microsoft  turning  toward  an  all  64-bit  world 


BY  JOHN  FONTANA 

Microsoft  made  crystal  clear 
last  week  that  it  is  herding  cus¬ 
tomers  toward  64-bit  platforms. 
And  while  users  and  analysts  say 
that’s  the  right  direction, they  also 
believe  companies  may  be  slow 
to  fall  in  line. 

With  the  next  versions  of  many 
of  Microsoft’s  servers,  including 
Exchange  12,  Compute  Cluster 
Server  and  the  R2  release  of  the 
Longhorn  server,  Microsoft  will 
produce  only  64-bit  editions. 

The  announcement  was  one  of 
many  the  company  made  last 
week,  including  the  debut  of  a 
desktop  search  engine  that  in¬ 
cludes  management  and  deploy¬ 
ment  controls  for  IT,  the  first 
release  under  Microsoft’s 
Dynamics  brand  for  its  struggling 
business  applications. 

Microsoft  is  hitching  its  software 


wagon  to  64  bit  and  its  promise  of 
a  more  robust  and  powerful  com¬ 
puting  platform.  The  platform, 
however,  comes  with  special 
design  considerations  that  differ 
from  32-bit  platforms,  especially 
related  to  firmware,  hard  disk  par¬ 
titions  and  device  drivers.  And 
while  the  x64  architecture  sup¬ 
ports  32-bit  applications,  the 
ramp-up  to  64  bit  will  align  with 
applications  optimized  for  that 
platform,  experts  say 

Microsoft  already  has  64-bit  ver¬ 
sions  of  servers,  including  the  re¬ 
cently  released  SQL  Server  2005, 
but  there  also  is  a  32-bit  version. 
Microsoft  will  have  a  32-bit  ver¬ 
sion  of  Windows  Server  Longhorn 
supported  until  2017. 

“It  is  about  time  Microsoft  put  its 
pants  on  and  said  ‘you  know,  if  you 
want  to  run  our  technology  this  is 
See  Microsoft,  page  14 


Product  rush 

Microsoft  last  week  revealed  a  mishmash  of  upcoming  offerings,  including  management  tools, 
business  applications,  desktop  search  and  future  servers  that  will  be  available  only  as  64-bit  software. 


Software 

Comments 

Availability 

Exchange  Server  12 

64-bit  only 

Late  2006,  early  2007 

Windows  Compute  Cluster  Server  2003 

64-bit  only 

First  half  of  2006 

Windows  Server  Longhorn  Small 

64-bit  only 

2007 

Business  Server 

Centro,  infrastructure  bundle  for  midsize 
businesses 

64-bit  only 

2007 

Windows  Server  Longhorn  R2 

64-bit  only 

2009 

Virtual  Server  2005  R2 

Price  dramatically  cut  on  what  was  once  slated  to 
be  a  free  service  pack. 

December  2005 

System  Center  Capacity  Planner  2006 

Modeling  tool. 

Early  January  2006 

System  Center  Essentials 

Single  console  for  midsize  companies  to  update, 
monitor  and  track  IT  environment. 

2007  (will  also  ship  with  Centro) 

Dynamics  GP  (Great  Plains) 

First  release  under  new  business  application  brand. 

Now 

Windows  Desktop  Search 

Deployment,  management  centrally  controlled  by  IT. 

Now 
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FGG  commissioner  to  resign 

■  Kathleen  Abernathy  will  resign  from  the  FCC  effective  Dec.  9,  leaving  the  telecom¬ 
munications  regulatory  body  with  two  openings  to  fill  and  missing  one  of  its  consis¬ 
tent  champions  of  deregulation.  Abernathy  a  Republican,  announced  her  departure 
last  week.  Her  resignation  leaves  the  FCC  with  only  three  confirmed  members  on 
the  five-person  commission:  Chairman  Kevin  Martin,  a  Republican,  and  Commis¬ 
sioners  Michael  Copps  and  Jonathan  Adelstein,both  Democrats.  Republican 
Deborah  Tate  has  been  nominated  to  fill  the  position  created  by  the  departure  of 
former  Chairman  Michael  Powell  in  January  but  her  nomination  has  yet  to  be  con- 


TheGoodTheBaqTheUgly 

BlackBerry  reprieve.  The  Department  of  Justice  has 
asked  a  judge  to  ensure  that  government  users  can  continue  to  send 
each  other  e-mail  on  their  "essential"  BlackBerry  devices,  even  though 
the  court  has  ruled  against  the  maker  of  BlackBerry  devices  in  a 
patent-infringement  case. 

Sober-ing  news  about  worms.  Yet  more  variants 

of  the  mass-mail  Sober  worm  are  making  the  rounds  of  the  'Net  and 
could  infect  Windows-based  computers,  anti-virus  firms  warned  last 
week.  Thus  far,  the  variants  present  a  low  risk  and  haven't  been  wide¬ 
ly  distributed.  A  "large  number  of  samples"  of  the  variants  have  been 
intercepted  in  e-mail  traffic,  indicating  that  the  worms  are  spreading 
by  spam  containing  infected  messages,  according  to  Kaspersky  Lab. 


firmed  by  the  Senate. 

Cogent  fiber  lines  are  cut 

■  ISP  Cogent  Communications  last  week  had  two 
fiber  cuts  in  its  network  from  construction  mishaps, 
disrupting  service  in  the  Southeast  and  Mid-Atlantic 
regions.  According  to  Cogent,  a  fiber  line  between 
Houston  and  Tampa,  Fla.,  was  cut  Thursday  around 
9:35  a.m.  EST.  The  second  fiber  break  was  between 
Philadelphia  and  Washington,  D.C.  That  fiber  was 
spliced,  and  routing  was  restored  at  3:45  p.m.  EST 
Thursday. The  cuts  occurred  in  Washington  and  New 
Orleans.  Latency  on  the  Cogent  network  over  the  last 
four  hours  was  at  “warning”  status,  according  to 
Internet  performance  monitor  Keynote,  and  network 
availability  was  “critical.”  The  Internet  Storm  Center 
stated  the  outage  was  “major 

IT  vendors  push  healthcare  net 

■  Accenture,  Cisco,  IBM,  Microsoft,  Northrop 
Grumman,  Oracle  and  Sun  are  among  a  wide  range 
of  technology  and  consulting  companies  tapped 
recently  to  design  an  $18.6  million  Nationwide 
Health  Information  Network  for  the  U.S.  Health  and 
Human  Services  Department.  The  NHIN  is  the  HHS 
plan  for  an  Internet-based  network  that  links  dis¬ 
parate  healthcare  organizations,  such  as  local  clin¬ 
ics, city  hospitals,  universities  and  government  health 
agencies,  to  share  and  have  secure  access  to  clinical 
data.  The  NHIN  wili  be  designed  and  rolled  out 
through  four  consortia,  each  consisting  of  several  IT, 

mmmmm  COMPENDIUM 

The  world  is  shrinking 

Andre  Durand  thinks  the  average  number  of 
hops  between  nodes  on  a  network  has 
shrunk  in  recent  years.  His  father,  a  math- 
emetician,  has  come  up  with  a  formula  to 
express  the  theory  —  and  it  relies  on  the  old 
game  "Six  Degrees  of  Kevin  Bacon."  Read 
up  at  www.networkworld.com, 

DocFinder:  9844. 
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“Sarbanes  isY2K  for  the  rest  ^ 
of  my  life.” 


Sharon  Mandell,  vice  president  of  technology,  Knight  Ridder, 
speaking  at  a  panel  discussion  with  IDG  editors  in  San 
Francisco 


<  Sony  relents  over  CD  spy- 

ware.  After  two  weeks  of  relentless  criticism 
over  its  XCP  copy-protection  software,  Sony 
BMG  Music  Entertainment  is  pulling  CDs  that  con¬ 
tain  the  software  from  store  shelves.  The  compa¬ 
ny  is  also  planning  to  offer  customers  a  way  to 
exchange  CDs  that  contain  the  flawed  copy-protec¬ 
tion  software,  which  uses  controversial  cloaking  tech¬ 
niques.  Critics  have  warned  that  the  software,  essentially 
a  form  of  spyware,  could  gum  up  a  computer's  performance  or 
even  be  used  by  attackers  to  attack  the  machine. 


Yankee  Group  changes  hands 


consulting,  security  and  healthcare  companies  and 
organizations.  This  will  be  led  by  Accenture, 
Computer  Science  Corporation,  IBM  and  Northrop 
Grumman.  Each  consortium  is  responsible  for  NHIN 
coverage  in  specific  areas  of  the  country  Each  con¬ 
sortium  will  put  together  an  IP-based  network  proto¬ 
type  during  the  coming  year.  When  the  prototypes 
are  finished,  the  results  will  be  given  to  the  American 
Health  Information  Community, an  advisory  commit¬ 
tee  to  the  HHS  focused  on  digitizing  and  network¬ 
enabling  healthcare  records. 

BellSouth  pitches  wireless  backup 

■  A  new  wireless  data  back-up  service  is  the  first 
jointly  developed  offering  for  business  customers 
from  BellSouth  and  Cingular  Wireless.  The  service 
was  born  out  of  the  communications  outages  that 
plagued  BellSouth,  Cingular  and  other  carriers  dur¬ 
ing  this  years  Gulf  Coast  hurricanes.  In  the  wake  of 
those  events,  businesses  have  a  renewed  interest  in 
building  as  much  network  diversity  into  their  opera¬ 
tions  as  possible,  BellSouth  says.  In  the  event  of  a 
wireline  network  outage,  data  will  be  routed  through 
Cingular’s  70K  to  135K  bit/sec  network,  which  is  avail¬ 
able  in  13,000  cities  and  towns.  Wireless  data  backup 
will  also  be  enabled  for  Cingulars  new  400K  to  700K 
bit/sec  network,  which  is  scheduled  to  be  launched 
in  15  to  20  markets  by  year-end  and  in  most  major 
markets  by  the  end  of  2006,  according  to  the  compa¬ 
ny.  Pricing  for  the  service,  called  Wireless  Data 
Backup  from  BellSouth  and  Cingular  Wireless,  ranges 
from  about  $9  to  $50  per  month,  depending  on  fea¬ 
tures  the  customer  selects. 


■  The  Yankee  Group  last  week  announced  it  is  under 
new  ownership  and  leadership.  Emily  Green,  formerly 
head  of  Cambridge  Energy  Research  Associates,  is 
assuming  the  top  post  at  Yankee  under  a  buyout  by 
her  and  a  private  equity  firm  called  Alta  Communica- 
tions.The  value  of  the  transaction  was  not  disclosed. 
Yankee  had  been  owned  by  Decision  Matrix  Group, 
which  bought  the  firm  last  year  from  Reuters.  Brian 
Adamik  is  stepping  down  as  CEO  of  Yankee  Group. 
Green  says  there  will  be  no  immediate  effect  on 
other  employees  or  customers,  and  noted  she  is  not 
bringing  in  “a  big  team  of  my  own.”  She  says  Yankee 
Group  was  not  actively  seeking  a  shopper. The  IT  mar¬ 
ket  research  industry  has  undergone  significant  con¬ 
solidation  in  recent  years,  with  Forrester  buying  Giga 
and  Gartner  snapping  up  Meta  Group. 

Google  to  build  ‘home'  Wi-Fi  net 

■  Google  last  week  said  it  has  won  approval  from  city 
officials  it  needs  to  begin  building  a  Wi-Fi  network  in 
its  home  base  of  Mountain  View,  Calif.  The  Mountain 
View  City  Council  unanimously  approved  a  plan  that 
gives  Google  access  to  city-owned  streetlight  poles  for 
the  placement  of  wireless  access  points  for  a  citywide 
Wi-Fi  network.The  city  of  Mountain  View  will  incur  no 
expenses  for  the  Wi-Fi  network  and  stands  to  gain 
financially,  according  to  a  document  on  the  City 
Council  Web  site.  Google  made  a  pitch  in  October  to 
San  Francisco  leaders  outlining  the  benefits  of  provid¬ 
ing  free  wireless  service.  At  the  same  time,  Google 
threw  its  name  into  the  hat  as  a  potential  service 
provider  to  enable  San  Francisco  Mayor  Gavin 
Newsoms  plan  for  free, citywide  Wi-Fi  access. 
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Users  applaud  GA’s  integration 


w  As  a  public  company, 
poor  identity  management 
practices  put  our  company 
at  risk  and  our  customers 
at  risk.  ^ 

Kevin  Murphy,  senior  systems  analyst,  Reynolds 
&  Reynolds 


BY  DENISE  DUBIE 

LAS  VEGAS  —  Customers 
turned  out  in  droves  last  week  to 
hear  how,  after  18  months  of  inter¬ 
nal  restructuring,  technology 
acquisitions  and  product  devel¬ 
opment,  Computer  Associates 
intends  to  win  back  their  faith. 

The  company’s  first  fee-based 
CA  World  drew  more  than  6,000 
attendees;  past  shows,  which 
were  free,  attracted  about  10,000. 
Approximately  125  sponsors,  in¬ 
cluding  Microsoft,  were  there. 

The  company  which  in  the  near 
future  will  officially  change  its 
name  to  CA,  revealed  the  details 
of  its  Unicenter  1 1  release,  an¬ 
nounced  an  identity  manage¬ 
ment  product  that  uses  Netegrity 
technology  acquired  last  year,and 
let  customers  in  on  its  sweeping 
integration  plans. CA  intends  to  in¬ 
corporate  in  future  software  re¬ 
leases  a  common  set  of  policies, 
workflows,  databases  and  pro¬ 
cesses,  which  the  company  said 
will  let  its  products  more  easily 
integrate  with  each  other  as  well 
as  with  third-party  and  open 
source  tools. 

For  a  company  that  at  one  time 


claimed  to  have  1,250  products 
—  although  it  now  refuses  to 
give  a  number  —  and  that  com¬ 
pleted  eight  acquisitions  in  the 
last  year  alone,  this  level  of  inte¬ 
gration  is  a  significant  invest¬ 
ment  of  development  time  and 
dollars.  The  company  spent 
about  $650  million  per  year  for 
the  past  five  years,  or  more  than 
$3  billion,  to  get  this  broad  inte¬ 
gration  off  the  ground. 

President  and  CEO  John  Swain- 
son  added  that  this  is  just  the 
beginning:  “We  aren’t  doing  this 
because  it  feels  good  or  because 
we  like  pain.We  are  doing  this  be¬ 
cause  it’s  the  best  way  to  get 
where  we  need  to  go.”  He  said  the 
company  would  continue  to  put 
“hundreds  of  millions  of  dollars” 
into  its  Enterprise  IT  Manage¬ 
ment  (EITM)  strategy. 

CA  announced  26  new  and  up¬ 
graded  products,  and  sets  of  pro¬ 
ducts  bundled  as  suites,  such  as 
CA  Service  Availability  which  in¬ 
cludes  an  assessment  service 
and  products  that  can  use  a  vari¬ 
ety  of  tools  across  CAs  Unicenter 
management,  eTrust  security  and 
BrightStor  storage-technology 


portfolios.  Management  vendors 
have  been  moving  away  from 
point  products  toward  delivering 
suites  for  some  time,  but  last 
week  CA  customers  seemed 
primed  to  take  advantage  of  the 
most  recent  integration  effort  by 
the  company. 

“1  plan  to  use  CA  technology  to 
condense  four  management  con¬ 
soles  down  to  one  and  then 
move  my  staff  off  the  mundane 
task  of  watching  multiple  moni¬ 
tors, ’’said  Linda  Reino,CIO  at  Uni¬ 
versal  Health  Services  in  King  of 
Prussia,  Pa.“l  trust  the  automation 
they  have  built  into  the  software. 
I  have  better  things  for  my  people 
to  be  doing.” 

Reino  expects  to  have  Uni¬ 
center  Network  and  Systems 
Management  (NSM)  11  rolled 
out  in  three  to  six  months. 

Improving  identity  management 

For  Kevin  Murphy,  senior  sys¬ 
tems  analyst  at  Reynolds  & 
Reynolds  in  Dayton,  Ohio,  inte¬ 
gration  means  his  previous 
Netegrity  Web  access-provision¬ 
ing  products  will  work  better 
with  CA’s  eTrust  identity  and 
access  management  (IAM)  tools. 
With  CA  Identity  Manager,  an¬ 
nounced  at  the  show  and  set  to 
ship  by  year-end,  Murphy  told 
show  attendees  he  would  be  able 
to  better  install  IAM  processes 
across  Reynolds  &  Reynolds 
dealer  and  customer  networks 
worldwide.  He  is  beta  testing 
Identity  Manager  8. 

“As  a  public  company,  poor 
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identity  management  practices 
put  our  company  at  risk  and  our 
customers  at  risk,”  Murphy  said. 
“CAs  integration  of  its  eTrust  tech¬ 
nology  with  the  Netegrity  prod¬ 
ucts  will  give  me  a  centralized 
identity  management  platform.” 

Keith  Rabun, IS  division  manager 
at  Austin  Energy  in  Texas,  said  he 
went  shopping  for  products  to 
consolidate  his  service  desk 
operations  18  months  ago  and 
decided  to  work  with  CA  be¬ 
cause  of  the  company’s  plans  for 
integrating  its  disparate  products 
into  a  suite.  As  a  beta  tester,  he  is 
hoping  to  roll  out  Service  Desk 
1 1  and  Unicenter  NSM  1 1  in  the 
next  few  months. 

“We  were  having  a  lot  of  trouble 
with  preexisting  legacy  systems 
in  terms  of  documentation  and 
management.  We  had  multiple 
entry  points  to  manage  assets,”  he 
said.“It  was  too  much  administra¬ 
tive  overhead  and  burden  to 
maintain  the  multiple  systems.” 

Rabun  said  he  expects  to  roll 
out  more  consistent  workflows 
with  Service  Desk  11  and  take 
advantage  of  the  increased  secu¬ 
rity  available  with  SNMP  Version 
3  in  Unicenter  NSM  11.  “As  a  util¬ 
ity  provider  we  have  stringent 
regulatory  requirements,  so  any 
added  security  we  can  get  in  our 
management  products  is  wel¬ 
come,”  Rabun  said. 

Integration  is  something 
Maurice  Ficklin  also  is  anxiously 
awaiting  in  Unicenter  Wireless 
Site  Management  1 1 ,  except  he’s 
looking  forward  to  the  idea  of  in¬ 
tegrating  wired  network  data 
alongside  wireless  statistics  in 
one  management  console,  he 
said.  The  director  of  network  ser¬ 
vices  within  the  IT  department  at 
Albany  State  University  in 
Georgia  said  the  next  release  of 
the  wireless  network-manage¬ 
ment  software,  currently  in  beta 
tests  on  his  network,  will  speed 


Can  open  source 
still  save  Novell? 

BY  DENI  CONNOR  AND  JENNIFER  MEARS 

When  Novell  releases  its  fourth-quarter  financial  results  next  week, 
industry  observers  will  be  looking  for  signs  of  whether  the  company’s 
big  bet  on  Linux  is  starting  to  pay  off. 

So  far  Novell  has  had  little  to  show  even  though  the  Linux  market 
is  booming.  Industry  watchers  say  Novell  needs  to  more  forcefully 
pull  away  from  its  proprietary  software  roots  to  win  over  open 
source  supporters. 

“I  can’t  find  any  other  companies  that  have  . . .  leveraged  an  open 
source  and  proprietary  model  and  been  successful  at  making  money 
at  it,”  says  John  Enck,a  vice  president  and  research  director  at  Gartner. 
“We  remain  skeptical  on  how  a  company  can  make  money  on  open 
source  other  than  services  and  maintenance.” 

At  the  start  of  last  year,  CEO  Jack  Messman  said  the  company’s  acqui¬ 
sition  of  SuSE  Linux  would  help  turn  Novell  around  within  two  years. 
But  with  those  two  years  almost  up,  the  company  continues  to  struggle. 
In  the  third  quarter,  Novell  reported  revenue  of  $290  million,  down  5% 
from  the  $304  million  it  posted  in  the  year-earlier  quarter.  Earnings 
plummeted  90%  over  that  period.  And  earlier  this  month,  Novell  said  it 
was  slashing  its  5,800-person  workforce  by  10%. 

Novell  declined  requests  for  interviews, but  in  published  reports  Mess- 
man  has  dismissed  the  flagging  third-quarter  numbers  as  a  “one-time 
glitch"  and  has  said  the  company’s  Linux  strategy  is  on  track. 

Still,  the  company  has  struggled  when  it  could  be  cashing  in  on  an 

See  Novell,  page  16 


plans 

the  discovery  of  access  points 
and  report  data  more  intuitively. 

“The  new  version  is  using  multi¬ 
ple  protocols  in  its  discovery,  and 
it  can  find  access  points  in  30 
seconds  instead  of  10  minutes," 
Ficklin  said.  “CA  really  put  the 
time  and  effort  into  making  sure 
this  stuff  would  work  before  they 
put  it  out  to  customers.” 

Single  view  wanted 

Much  of  the  effort  went  to 
establishing  the  CA  Integration 
Platform,  CA  said.  The  premise 
behind  the  technology  is  to  let  IT 
managers  get  a  single  view  of  an 
asset  across  different  systems.  In¬ 
tegration  Platform  also  supports 
a  Web  services-like  flow  of  infor¬ 
mation  among  previously  dis¬ 
parate  products.  The  platform  in¬ 
corporates  common  policies, 
software  agents  and  CA’s  man¬ 
agement  database,  which  will 
store  in  a  repository  manage¬ 
ment  data  collected  about  net¬ 
worked  IT  assets. 

For  instance,  various  applica¬ 
tions  under  the  Unicenter  1 1  soft¬ 
ware  umbrella,  which  have  report¬ 
edly  been  beta  tested  by  some 
500  users,  include  upgraded  agent 
software  that  can  do  the  work  of 
multiple  agents.  For  customers 
that  may  have  had  three  or  four 
Unicenter  software  agents  for  dif¬ 
ferent  applications,  one  agent 
will  replace  them. 

“The  agent  technology  will  be 
the  same  across  products,  and 
customers  won’t  need  to  have 
more  instances,  since  the  agent 
software  will  work  with  various 
management  applications  to  col¬ 
lect  data  and  take  action,”  ex¬ 
plained  Alan  Nugent,  senior  vice 
president  and  general  manager  of 
Unicenter. 

Despite  optimism  from  cus¬ 
tomers,  industry  watchers  warn 
that  CA  still  has  a  long  way  to  go. 

“CA  is  trying  to  tell  its  network 
executive  and  high-level  IT  man¬ 
ager  customers  that  a  CA  prod¬ 
uct  purchase  will  help  them  pri¬ 
oritize  and  manage  their  sys¬ 
tems  and  their  IT  investments 
more  efficiently;”  said  Stephen 
Elliot,  a  senior  analyst  with  IDC. 
“But  with  these  releases,  CA  has 
to  show  it  has  at  least  80%  of 
what  its  competitors  do  right 
now,  and  then  that  it  all  does 
really  integrate. There  is  still  a  lot 
of  work  ahead.”  ■ 
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lew  IBM  unit  targets  data  mgmt. 


BY  ANN  BEDNARZ 

IBM’s  $15  billion  software  divi¬ 
sion  last  week  unveiled  a  newly 
formed  business  unit,  made  an 
acquisition  and  gave  a  sneak 
peek  at  an  upcoming  database 
product. 

The  new  business  unit  is 
devoted  to  master  data  manage¬ 
ment  (MDM),a  term  IBM  uses  to 
describe  its  platform  of  informa¬ 
tion  integration  wares.The  prod¬ 
ucts  have  a  common  purpose: 
to  help  companies  gain  control 
of  the  scads  of  data  sources 
scattered  across  their  systems. 
Combined,  they  can  move  data 
among  systems,  clean  and  syn¬ 
chronize  data  sources,  and  com¬ 
pile  contextual  snapshots  of 
customers  and  products. 

“The  vision  is  to  provide  a  single 
view  of  information  about  cus¬ 
tomers,  products,  suppliers,  loca¬ 
tions,  employees  —  every  core 
piece  of  information  that  compa¬ 
nies  have  —  and  to  make  sure 
that  all  the  stakeholders  in  a  busi¬ 
ness  are  using  this  information  in 
the  same  wayf  says  Dan  Druker, 


director  of  enterprise  data  solu¬ 
tions  at  IBM. 

The  MDM  lineup  features  newly 
revised  product  information-man¬ 
agement  and  customer  data-inte- 
gration  software  products  — Web¬ 
Sphere  Product  Center  and  Web¬ 
Sphere  Customer  Center. They  are 
designed  to  give  companies  a  sin¬ 
gle  view  of  customers,  products 
and  related  data.  Another  prod¬ 
uct,  WebSphere  Metadata  Server, 
due  to  ship  in  the  spring  of  2006,  is 
designed  to  allow  metadata  to  be 
more  easily  managed,  accessed 
and  shared  across  heterogeneous 
systems. 

IBM  doesn’t  expect  its  cus¬ 
tomers  to  buy  the  entire  stack  at 
once.  Rather,  implementations  typ¬ 
ically  will  focus  on  solving  a  par¬ 
ticular  business  problem,  Drucker 
says.  In  product-centric  industries 
such  as  retail  and  manufacturing, 
companies  tend  to  try  to  organize 
product-related  master  data,  while 
services-oriented  industries  such 
as  banking  and  insurance  tend  to 
look  to  first  resolve  customer 
data-integration  issues. 


Big  Blue’s  fab  five 


IBM  acquired  five  companies  within  the  last  two  years  to 
flesh  out  its  data  management  plans. 


Company  bought  Specialty 

Acquisition  completed 

DWI 

Customer  data  integration 

September  2005 

Ascential  Software 

Data  integration 

May  2005 

SRD 

Identity  analysis 

January  2005 

Venetica 

Unstructured  content  integration  October  2004 

Trigo  Technologies  Product  information  management  April  2004 


As  companies  build  out  their 
master  data-management  sys¬ 
tems,  data  becomes  available  for  a 
host  of  uses.  “It  can  feed  your 
e-commerce  site,  or  a  series  of 
composite  applications  that 
you’ve  built,  or  your  print  require¬ 
ments,  or  a  self-service  customer 
portal  on  the  Internet,”  Drucker 
says.  “It’s  about  reuseability  and 
making  sure  that  all  the  different 
systems  in  a  company  understand 
data  in  the  same  way’ 

Organizing  the  MDM  lineup  is 
an  integration  feat  in  itself.  IBM’s 
vision  relies  on  technologies 


Mesh  nets  offer  challenges 


BY  JOHN  COX 

Though  a  late  entry  Cisco’s  first  wireless  LAN  mesh 
product  will  throw  fuel  on  an  already  hot  market. 

Wireless  mesh  networks  based  on  the  IEEE  802.1 1 
standards  offer  a  range  of  benefits,  such  as  fast 
deployment,  minimal  cabling,  unlicensed  spectrum 
and  broadband  throughput  rates  over  wide  areas. 
Mesh  promises  to  make  802. 1 1-based  data  and  voice 
services  pervasive  and  affordable,  at  least  in  campus 
and  metropolitan-area  deployments. 

Those  benefits  are  persuading  a  variety  of  cus¬ 
tomers  to  adopt  mesh  topologies:  police  and  fire 
departments;  campuses;  construction  companies; 
utilities;  and,  increasingly  local  governments  for  busi¬ 
ness  and  residential  Internet  access. 

Cisco  is  throwing  the  Aironet  1500  into  a  highly 
competitive  and  lucrative  market.  So  far,  a  pack  of 
upstarts,  including  BelAir,  Firetide,  Strix  and  Tropos 
Networks,  and  one  established  vendor,  Nortel,  have 
had  the  market  to  themselves,  offering  an  array  of 
architectures  and  technologies.  Other  companies 
such  as  Motorola,  which  acquired  MeshNetworks, 
offer  proprietary  wireless  mesh  products.  The  1500 
makes  Cisco  a  major  player  in  this  market. 

“It  appears  to  be  a  very  competitive  product,”  says 
Craig  Mathias,  principal  with 
Farpoint  Group, a  wireless  consult¬ 
ing  company.  “And  it  does  have 
Cisco' on  the  front  label.” 

A  study  from  AB1  Research  esti¬ 
mates  the  global  market  for 


I  Read  more  about  Cisco  s 
wireless  plans.  Page  23 


802.1 1  mesh  products  to  be  $1 16  million  and  that  it 
will  soar  to  $1.3  billion  five  years  from  now.  Much  of 
that  will  be  spent  by  municipalities  or  service 
providers  to  offer  low-cost  wireless  Internet  access, 
says  Sam  Lucero,  ABI  senior  analyst. 

“Mesh  is  attractive  because  of  its  [low]  cost  and 
ease  of  deployment,”  Lucero  says.  Outdoor  mesh 
access  points  cost  $2,000  to  $6,000,  with  an  average 
price  of  $3,000;  roughly  20  nodes  are  needed  to 
cover  1  square  mile,  he  says. 

“But  this  is  much  more  cost-effective  than  trying  to 
trench  new  fiber  or  cable  along  the  streets,”  he  says. 
“And  in  some  cases,  [mesh]  is  the  only  way  to  supply 
these  services.”  Laying  fiber  can  cost  up  to  $150,000 
per  linear  mile,  according  to  Lucero. 

Mesh  networks  can  start  with  just  the  barest  num¬ 
ber  of  nodes  needed  to  blanket  a  given  area, 
Mathias  says.  As  users  and  traffic  increase,  more 
nodes  can  be  installed.  Costs  are  held  down 
because  you  don’t  have  to  provide  a  wired  back¬ 
haul  connection  to  each  node:  traffic  from  clients 
can  hop  through  several  wireless  nodes  (which 
sometimes  can  draw  power  from  a  battery  or  solar 
cell  without  needing  an  electrical  connection)  to 
reach  a  gateway  that  links  with  the  wired  network. 

But  there  is  very  little  that’s  stan¬ 
dard  in  mesh  products. 

“There  are  so  many  differences 
in  products  and  approaches,” 
Mathias  says.  “The  secret  sauce  is 
See  Mesh,  page  18 


gained  in  five  acquisitions  com¬ 
pleted  since  spring  of  last  year. 
The  deal-making  started  with  the 
purchase  of  Trigo  Technologies, 
which  makes  product  informa¬ 
tion-management  middleware. 

On  the  tools  side,  IBM’s  pur¬ 
chase  of  Venetica  added  tech¬ 
nology  for  dealing  with  unstruc¬ 
tured  content,  such  as  images 
and  catalogs,  while  the 
Ascential  Software  purchase 
brought  core  tools  for  moving 
and  synchronizing  data  among 
repositories.  On  the  analysis 
front,  SRD’s  identity-resolution 
software  helps  companies  dis¬ 
cover  non-obvious  relationships 
among  their  customers,  while 
DWL’s  technology  helps  consoli¬ 
date  customer  data  from  multi¬ 
ple  enterprise  repositories. 

IBM  is  committing  1,000  em¬ 
ployees  to  the  MDM  unit  —  which 
is  going  after  a  market  that  IDC 
estimates  will  be  a  $10  billion  soft¬ 
ware  and  services  opportunity  by 
2009,  Druker  says. 

New  deals 

While  the  WebSphere  team  was 
making  its  information  integration 
pitch  last  week,  IBM’s  Tivoli  sys¬ 
tems  management  team  an¬ 
nounced  the  purchase  of  Colla¬ 
tion,  which  makes  application 
resource-mapping  software,  for  an 
undisclosed  amount. 

Collation’s  flagship  Confignia 
software  is  designed  to  map  inter¬ 
dependencies  among  IT  re¬ 
sources  so  staff  can  more  easily 
discover  the  source  of  application 
performance  problems.  It  cap¬ 
tures  information  about  databas¬ 
es,  switches,  routers,  load  bal¬ 
ancers,  Web  servers  and  applica¬ 
tion  servers  that  comprise  an 
application  environment,  then 
records  configuration  parameters 
and  tracks  changes. 

The  idea  is  to  help  IT  staff 


understand  the  effect  of  changes 
to  an  IT  environment,  such  as 
how  installing  a  security  patch  or 
upgrading  a  business  application 
could  trigger  a  series  of  unex¬ 
pected  problems.  The  combina¬ 
tion  of  Collation’s  software  and 
IBM’s  Tivoli  systems  management 
products  will  let  customers 
model  what  will  happen  when 
an  IT  change  is  made,  as  well  as 
test  their  environments  for  unau¬ 
thorized  changes,  IBM  says. 

Application  management  is 
particularly  important  as  more 
companies  deploy  composite 
application  environments  and 
virtualized  infrastructures, 
according  to  Jasmine  Noel,  a 
principal  analyst  at  research  firm 
Ptak.Noel  &  Associates.The  com¬ 
bination  creates  a  dynamic  envi¬ 
ronment  that  magnifies  the  need 
for  application  management. 

“Application  managers  cannot 
know  with  any  certainty  what  the 
runtime  application  composition 
looks  like  unless  it  is  actually  dis¬ 
covered  from  the  production  en¬ 
vironment,"  Noel  says.  “Under¬ 
standing  the  dependencies  be¬ 
tween  application  components 
running  on  virtualized  hardware 
across  a  distributed  network  to 
deliver  a  single  service  transac¬ 
tion  is  what  IBM  gets  with  the 
Collation  acquisition.” 

The  acquisition  also  strengthens 
IBM’s  configuration-management 
database  lineup,  and  helps  close 
the  gap  between  IBM  and  BMC 
Software,  Noel  says. 

Finally  on  the  database  front, 
IBM  gave  a  sneak  peek  of  the  next 
DB2  product,  code-named  Viper, 
which  is  entering  beta  testing. 
Robert  Picciano.vice  president  of 
database  servers  for  IBM,  pre¬ 
viewed  Viper  at  last  week’s  XML 
2005  Conference  in  Atlanta. 

Key  to  the  new  release  is  a  native 
XML  store  that  will  let  users  man¬ 
age  conventional  relational  data 
and  XML  data  without  requiring 
the  XML  data  to  be  reformatted. 
Nor  will  developers  have  to  dupli¬ 
cate  efforts  to  create  applications 
that  can  access  relational  data 
and  XML  repositories,  IBM  says. 

Also  new  to  Viper  is  support  for 
XQuery  a  standard  language  that 
uses  XML  to  express  queries 
across  diverse  data  sources,  in¬ 
cluding  structured  and  semi-struc¬ 
tured  documents,  relational  data¬ 
bases  and  object  repositories.  ■ 
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Juniper,  others  make  security  buyouts 


Securing  security 

Network  infrastructure  vendors  went  on  a  security  buying 
spree  last  week. 


Company 

Acquired 

Technology  gained 

Price 

Juniper 

Funk  Software 

Network  authentication,  RADIUS, 
802.1X  software 

S122  million 

Citrix 

Teros 

Application  firewall,  XML  traffic  inspection 

Undisclosed 

Force  10 

MetaNetworks 

10G  bit/sec  IDS/IPS  security  hardware 

Undisclosed 

BY  PHIL  HOCHMUTH 
AND  TIM  GREENE 

Network  hardware  companies 
continue  to  snap  up  technology 
they  can  use  to  make  security  a 
standard  feature  in  the  switches 
and  routers  that  comprise  the 
basic  network  plumbing  inside 
businesses. 

The  trend  continued  last  week 
as  Juniper  Networks  grabbed 
security  vendor  Funk  Software  for 
$122  million.  Citrix  Systems  then 
bought  its  way  into  the  applica¬ 
tion  firewall  market  by  acquiring 
start-up  Teros,  and  Force  10  Net¬ 
works  acquired  stealthy  intrusion- 
prevention,  intrusion-detection 
system  (IPS/IDS)  vendor 
MetaNetworks. 

“You  can’t  separate  security  from 
infrastructure  anymore,”  says  Law¬ 
rence  Orans,  principal  analyst  with 
Gartner.  “When  the  present  batch 
of  network  infrastructure  gear  on 
the  market  was  on  the  drawing 
board,  it  was  before  Blaster  and 
Sasser  and  heavy-duty  malware 
and  worm  threats.  You  now  need 
to  have  infrastructure  that  can 
quickly  maintain  your  network 
through  worm  storms  and  other 
forms  of  malware  attacks.” 

Last  week’s  security  acquisition 
trifecta  follows  12  months  of  buy¬ 
outs  where  Cisco  acquired  six 
security  vendors,  3Com  acquired 
IDS/IPS  stalwart  TippingFbint  Tech¬ 
nologies  (read  more  on  3Com’s 
integration  of  TippingFbint  secur¬ 
ity  products,  page  23),  Juniper 
bought  application  security  firm 
Beribit  and  Citrix  bought  SSL  VPN 
vendor  Net6. 

More  evidence  of  network  gear 
assimilating  security  features  can 
be  found  by  following  the  money 
Infonetics  Research  reports  that 
third  quarter  of  2005  sales  of 
secure  routers,  which  consist  of 
WAN  routers  with  VPN/firewall 
features,  jumped  21%  from  the 
previous  quarter,  while  the  overall 
router  market  grew  at  just  8% 
($859  million  for  the  quarter).  Of 
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Security  trends 

Read  Gartner  Analyst  Lawrence  Orans' 
breakdown  of  the  latest  security  product 
trends. 

OocFmder:  9857 


the  $189  million  in  sales  of  Layer 
4-7  switches  last  quarter,  half  came 
from  switches  with  built-in  SSL 
features  (www.networkworld. 
com,  DocFinder:  9854). 

Switching  on  security 

Juniper’s  buyout  of  Funk  is  in  an 
effort  to  add  switch-port  enforce¬ 
ment  of  policies  as  an  option  in 
Juniper’s  Unified  Access  Control 
(UAC)  scheme.  UAC  verifies  that 
computers  meet  security  policies 
before  they  gain  network  access 
and  that  users  can  reach  only 
those  resources  for  which  they 
have  been  authorized. 

UAC  supports  policy  enforce¬ 
ment  using  Juniper  Layer  3  fire¬ 
walls  placed  around  the  network 
at  strategic  points.  By  using  802.  IX 
authentication  supported  by 
Funk  products,  Juniper  will  be 
able  to  enforce  security  policies  at 
Layer  2. So  if  users  try  to  access  re 
sources  without  authorization  or 
if  their  machine  fails  a  security 
scan,  they  can  be  stopped  at  the 
access  switch  or  redirected  to  iso¬ 
lated  virtual  LANs. 

While  Juniper’s  first  move  was  at 
Layer  3, “we  intended  all  along  . . . 
to  provide  an  option  to  use  exist¬ 
ing  switching  infrastructure  that 
supported  Layer  2  enforcement 
points,”  says  Hitesh  Sheth, 
Juniper’s  vice  president  of  enter¬ 
prise  products  and  solutions. 

Layer  2  enforcement  is  the  cor¬ 
nerstone  of  Cisco’s  latest  version 
of  its  Network  Admission  Control 
(NAC)  enforcement,  as  well  as 
Microsoft’s  Network  Access  Pro¬ 
tection  (NAP)  in  cooperation 
with  switch  vendors.  These  meth¬ 
ods  use  a  mix  of  software  and 
switch  hardware  to  detect  danger¬ 
ous  clients  and  close  network  ac¬ 
cess  at  the  LAN-port  level 
(DocFinder  9855). 

Juniper  lacks  access  switches  in 
its  product  line.  That  had  been  a 
criticism  of  its  access-control 
plan,  because  Layer  2  enforce¬ 
ment  would  require  cooperation 
of  switch  vendors,  which  would 
be  unlikely  in  the  case  of  Cisco. 

Instead,  Juniper  is  pursuing  a 
standards-based  means  to  impose 
policies  via  switches.  Funk  paves 
the  way  with  its  802. IX  support 
and  its  support  for  standards 
being  developed  by  the  Trusted 
Computing  Group  industry  asso¬ 
ciation  that  is  working  on  open 
interfaces  to  support  secure  con¬ 


nections  to  networks,  among 
other  projects. 

“Most  people  have  a  more  per¬ 
vasive  switch  architecture  than 
they  do  a  security  infrastructure, 
so  it  makes  sense  to  try  to  leverage 
that,” says  Rob  Whitelelyan  analyst 
with  Forrester  Research. 

The  drawback  is  that  many  busi¬ 
nesses  have  not  upgraded  to 
switches  that  support  802.  IX,  so 
they  cannot  use  the  Layer  2  option 
until  they  do  so. The  expense  and 
disruption  of  upgrading  switches 
has  been  a  criticism  of  Cisco’s 
NAC  initiative.  Juniper  can  offer 
customers  Layer  3  enforcement  by 
overlaying  protection  on  existing 
networks  until  customers  upgrade 


to  802.  IX  switches. 

Firewall  smarts 

With  its  buy  of  Teros,  Citrix  gets 
the  start-up’s  Security  Application 
Gateway  a  software-based  security 
appliance  that  the  company  says 
can  block  attacks  against  corpo¬ 
rate  Web-based  applications.  The 
application  firewall  inspects  HTTP 
and  XML  traffic  streams  for  suspi¬ 
cious  activity  and  unauthorized 
protocol  schemas,  and  can  block 
or  filter  such  attacks. 

This  XML  inspection  and  secur¬ 
ity  capability  will  be  rolled  into 
NetScaler’s  line  of  application 
acceleration  switches,  according 
to  Wes  Wasson,  vice  president  of 


marketing,  Application  Network¬ 
ing  Group,  Citrix.  In  addition  to 
securing  XML  traffic,  he  says,  the 
Teros  technology  also  could  be 
used  in  the  future  on  Citrix  Net- 
Scaler  switches  to  accelerate  and 
optimize  XML  applications. 

The  Teros  buy  also  brings  Citrix 
up  to  speed  with  top  rival  F5  Net¬ 
works,  which  acquired  applica¬ 
tion  firewall  vendor  Magnifire  for 
$29  million  last  year,  as  well  as 
other  application  acceleration/ 
firewall  vendors,  such  as 
NetContinuum. 

As  for  Force  10’s  acquisition  of 
MetaNetworks,  the  deal  will  give 
the  10G  Ethernet  switch  start-up 
its  first  IPS/IDS  capabilities,  which 
it  will  offer  as  an  appliance,  and 
later  build  into  its  10G  Ethernet 
switches.  MetaNetworks  Web  site 
says  its  security  hardware  can  per¬ 
form  stateful  firewall  packet  in¬ 
spection  and  IDS/IPS  capabilities 
on  10G  bit/sec  traffic  streams 
without  slowing  packets. The  gear 
is  used  in  government  deploy¬ 
ments  for  securing  high-speed 
networks,  the  company  and 
Force  10  sayB 


Microsoft 

continued  from  page  7 

what  it  takes,”  says  Nelson  Ruest,a  consultant  and  sys¬ 
tems  integrator  with  Resolutions  Enterprises  in  Vic¬ 
toria,  British  Columbia.“In  terms  of  Exchange  12,  they 
can  break  memory  barriers,  they  can  break  TCP/IP 
barriers  in  terms  of  the  number  of  connections.  It’s 
more  stable,  more  performance  and  better  power” 

The  message  is  a  good  one,  but  users  are  not  ready 
to  abandon  their  32-bit  platforms. 

“We  do  not  have  a  64-bit  strategy  yet,”  says  Will  Nel¬ 
son,  COO  for  Compass  Health  in  Mount  Vernon, 
Wash.  He  says  the  company  will  take  cues  from  its 
services  partner  Azaleos,  which  provides  the  health¬ 
care  company  with  a  preconfigured  appliance  run¬ 
ning  Exchange  and  remote  management  services. 
“With  Azaleos  there  would  be  a  lot  of  coordination 
with  them  in  moving  to  that  platform.” 

Some  analysts  say  early  adopters  will  be  those  who 
are  desperate  to  step  up  their  server  and  application 
performance. 

“Unless  customers  have  a  business  need,  say  they 
need  more  scalability  out  of  a  database  or  they  have 
a  process-intensive  application,  they  are  better  stay¬ 
ing  on  32  bit," says  Al  Gillen,  an  analyst  with  IDC. 

He  says  customers  will  buy  64-bit  hardware  be¬ 
cause  that  is  becoming  the  norm,  but  it  is  likely  users 
won’t  go  to  a  64-bit  Windows  operating  system  until 
Longhorn  F£2,  which  is  expected  to  ship  in  2009. 

Today,  64-bit  versions  of  the  Windows  Server  oper¬ 
ating  system  account  for  only  0. 1  %  of  Microsoft  sales, 
IDC  says.  Microsoft  shipped  64-bit  Windows  Server 


2003  for  Itanium-based  Systems  in  April  2003  and 
Windows  Server  2003  x64  Editions  in  April  2005.  IDC 
projects  new  server  licenses  for  64-bit  Windows  oper¬ 
ating  systems  will  spike  in  2007  at  about  35%  and 
then  climb  to  52%  and  63%  in  2008  and  2009. 

“With  our  road  map,  we  have  a  ‘ready  when  you 
are’  approach,”  says  Samm  DiStasio,  director  of  prod¬ 
uct  management  for  the  Windows  Server  division. 
“But  we  are  trying  to  articulate  when  64  bit  happens 
in  the  various  products  because  that  is  where  you  get 
the  most  bang  for  the  buck.” 

In  addition  to  its  future  platforms,  Microsoft  says  it 
is  releasing  an  IT-centric  version  of  its  desktop  search 
tool  that  gives  IT  the  ability  to  deploy  the  software 
using  Microsoft  System  Management  Server  or  third- 
party  deployment  tools.  The  search  engine,  which 
works  locally  and  across  intranets  and  the  Internet, 
integrates  with  email,  Office  and  ShareFbint  Fbrtal 
Server.  Users  also  can  write  custom  filters  to  get  at 
other  data  sources. 

Microsoft  also  says  Virtual  Server  2005  R2  will  be 
available  in  six  to  eight  weeks, with  the  price  for  the 
Standard  Edition  dropping  from  $499  to  $99  and  the 
Enterprise  Edition  from  $999  to  $199. Microsoft  is  fac¬ 
ing  sharp  competition  in  the  virtual  server  market 
from  established  leader  VMware  and  others  such  as 
Swsoft,  which  last  week  began  shipping  Version  3.5 
of  its  Virtuozzo  server  for  Windows  with  a  price  start¬ 
ing  at  $1,000  per  CPU. 

Microsoft  also  says  it  will  ship  early  next  year  a 
modeling  tool  called  Capacity  Planner,  designed  to 
help  with  rolling  out  Exchange  and  Microsoft’s  Oper¬ 
ations  Manager.  ■ 
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_DAY  4:  My  data  has  a  life  of  its  own.  I  can’t 
control  it.  I  can’t  manage  it.  I  can’t... get  out. 

_DAY  5:  I  called  for  help.  I  tapped  out  a  distress 
signal  with  an  alien  wrench.  Do  the  guys  upstairs 
know  Morse  code? 


16  •  www.networkworld.com  •  11.21.05 


Open  source  IP  PBXs  make 
strides,  have  far  to  go 


BY  TIM  GREENE 

Purveyors  of  inexpensive  open 
source  IP  PBXs  last  are  upgrading 
their  software  to  include  better 
integration  with  traditional  cir¬ 
cuit-switched  phone  networks, 
which  could  encourage  larger 
deployments. 

The  two  notable  open  source  IP 
PBX  platforms,  Asterisk  and  sipX, 
initially  were  meant  to  provide 
VoIP  support  to  hundreds  of 
phones,  but  certain  implementa¬ 
tions  have  reached  thousands, 
vendors  of  the  products  say. 

For  example,  Digium,  which 
commercializes  the  Asterisk  IP 
PBX,  has  sold  its  software  to  the 
city  of  Manchester,  Conn.,  to  sup¬ 
port  1,500  phones  for  schools, 
police,  fire  and  administrative 


offices,  says  Mark  Spencer,  presi¬ 
dent  of  Digium  and  the  creator  of 
Asterisk. 

Similarly,  a  Fortune  50  company 
is  putting  in  a  2,800-phone  S1P- 
foundry  network  because  it  repre¬ 
sents  a  pure  Session  Initiation  Pro¬ 
tocol  (SIP)  implementation,  says 
Al  Brisard,  vice  president  of  mar¬ 
keting  of  PingTel,  which  sells  a 
commercial  version  of  SIP- 
foundry  He  declined  to  identify 
the  user. 

“Traditional  vendors  of  PBXs 
have  a  couple  of  features  based 
on  SIRbut  other  features  may  be 
proprietary  he  says. 

AOL  and  EarthLink  also  use 
PingTel’s  PBX  to  support  resi¬ 
dential  VoIP  services. 

Despite  customers’  interest  in 
deploying  larger  numbers  of  IP 
phones  from  these  open  source 
platforms,  vendors  are  still 
struggling  to  increase  sales  in 


the  VoIP  PBX  market,  according 
to  IDC. 

Avaya,  Cisco  and  Nortel  com¬ 
mand  most  of  the  market, 
which  IDC  says  hit  $4.3  billion 
worldwide  last  year.  The  open 
source  vendors  sold  so  few  that 
they  didn’t  register  on  the  IDC 
surveys. 

The  platforms’  developers  are 
making  strides  enhancing  their 
basic  code. 

Digium  has  improved  Asterisk’s 
call-server  clustering  and  voice 
mail  support  (see  www.network 
world.com,  DocFinder:  9857),  and 
SIPfoundry  has  upgraded  its  sipX 
PBX  software  to  act  as  a  routing 
engine  for  SIP  signaling,  which 
means  third-party  applications 
such  as  conference  bridges  and 


automatic  call  distributors  can  be 
readily  added  to  it. 

Digium  and  PingTel  use  similar 
business  models.  They  add  fea¬ 
tures  to  the  basic  open  source 
PBX  software  and  sell  it  packaged 
to  businesses  an  provide  support. 
Customers  can  get  the  base  soft¬ 
ware  free,  but  they  have  to  get  it 
up  and  running  and  maintain  it 
themselves. 

The  big  attraction  is  price.  In  the 
case  of  Manchester,  Cisco  bid  $1.2 
million  to  install  the  city’s  new 
phone  equipment,  and  Digium 
won  the  contract  with  a  bid  of 
$400,000,  says  Ron  Dutt,  president 
of  Softel,  the  Old  Ridge,  N.J.,  inte¬ 
grator  that  installed  the  system. 
That  included  a  network  up¬ 
grade  to  Power  over  Ethernet  to 
support  the  IP  phones  and  cus¬ 
tom  applications. 

Brisard  says  PingTel  IP  PBX  sys¬ 
tems  cost  one-third  the  price  the 


big-name  vendors  charge. 

While  the  savings  are  attractive, 
going  with  little-known  compa¬ 
nies  can  be  risky,  says  Nora  Freed¬ 
man,  an  analyst  with  IDC.  Most 
large  businesses  will  avoid  open 
source  when  building  a  VoIP  infra¬ 
structure,  she  says,  because  it  is  a 
dangerous  enough  career  move 
to  try  VoIP  let  alone  use  an  open 
source  platform  or  a  platform 
with  a  relatively  unknown  vendor 
supporting  it.  “Free  or  cheap  is 
only  good  for  consumers  and 
small  and  medium  companies 
that  can  afford  to  take  the  risk,” 
she  says. 

It  is  much  safer  to  go  with  a  big 
name.  For  instance,  Cisco  not 
only  has  an  IP  PBX,  it  also  sup¬ 
plies  switches  and  routers,  so  if 
there  is  a  VoIP  problem  linked  to 
the  network,  Cisco  can  handle  it. 
If  a  business  uses  one  vendor  for 
the  IP  PBX  and  another  for  its 
network  equipment,  fixing  such 
problems  becomes  harder,  Freed¬ 
man  says,  and  there  is  a  greater 
chance  of  long  outages.  “People 
are  putting  their  jobs  on  the  line 
switching  over  to  VoIPThey  want 
to  have  a  credible  vendor  be¬ 
hind  them.” 

But  if  a  large  business  with  pro¬ 
gramming  resources  was  willing 
to  take  the  risk,  open  source  PBX 
code  could  mean  faster  develop¬ 
ment  of  features  specific  to  its 
needs.  “They  could  write  custom 
applications  to  improve  business 
processes,”  Freedman  says.“With  a 
bigger  vendor,  you  have  to  work 
with  the  vendor  or  bring  in  a  third 
party  to  write  new  applications.  If 
you’re  a  company  with  Cisco 
PBXs,  you  don’t  have  access  to 
Cisco  Skinny  [call-control]  code,” 
she  says. 

Telesthetics,  a  service  provider 
in  Rochester,  Mich.,  uses  Digium’s 
IP  PBX  to  support  voice  services 
to  business  customers,  and  with 
in-house  staff  can  support  custom 
applications. 

Telesthetics  provisioned  the 
platform  to  take  incoming  calls 
for  a  medical  company  and  for¬ 
ward  them  to  extensions  based 
on  the  project  code,  says  John 
Lodden,  director  of  operations 
for  the  provider.“You  can  create 
just  about  any  application  you 
want,”  he  says.B 


Ups  and  downs  of  open  source  PBXs 

While  readily  available  IP  PBX  software  from  the  open  source 
community  can  offer  benefits  to  businesses,  it  can  pose 
concerns  that  are  not  an  issue  with  commercial  IP  phone 
platforms. 


Pros 

Free  or  low  cost. 

Extensible  for  custom  application 
development. 

Ongoing  development  by  open  source 
community. 


Cons 

No  support. 

May  require  work  to  integrate  with  other 
network  elements. 

Lacks  sophisticated  management  tools. 


Novell 

continued  from  page  10 

exploding  Linux  market.  Linux  servers  posted  their  12th  consecutive 
quarter  of  double-digit  growth  in  the  second  quarter  of  this  year,  with  rev¬ 
enue  growing  45%  compared  with  the  same  period  a  year  ago,  accord¬ 
ing  to  IDC.  By  contrast,  Microsoft  Windows  Server  revenue  grew  14%. 

Maybe  more  troubling  for  Novell  is  that  Red  Hat,  about  a  tenth  of  its 
size,  is  thriving.  Credit  Suisse  First  Boston  says  Red  Hat  holds  nearly  two- 
thirds  of  the  Linux  market,  while  SuSE’s  share  is  hovering  around  20%. 

Not  that  Novell’s  financial  picture  is  completely  bleak:  the  company 
has  $1.6  billion  in  the  bank.  But  financial  and  industry  analysts  were 
unsettled  enough  by  the  third-quarter  results  to  call  for  management 
changes  as  a  way  to  right  Novell’s  course. 

The  issue  is  that  Novell  is  having  a  tough  time  articulating  a  strategy 
that  involves  a  tricky  balancing  act  of  selling  both  proprietary  and  open 
source  software,  analysts  say 

Next  week’s  financial  results  will  shed  more  light  on  how  Novell’s  tran¬ 
sition  is  going,  but  regardless  of  those  results,  analysts  and  users  say  the 
company  needs  to  more  fully  embrace  the  idea  of  open  source.  The 
software  maker  bundled  its  classic  NetWare  services  with  SuSE  Linux 
earlier  this  year,  but  hasn’t  fully  made  the  open  source  leap. 

Novell  executives  say  they’re  bringing  value  to  Linux“up  the  stack  from 
the  kernel”  with  services  such  as  identity  management,  security  and  sys¬ 
tems  management.  Red  Hat  is  taking  the  same  path, but  submitting  those 
add-ons  —  such  as  the  directory  services  it  acquired  from  Netscape  — 
into  the  open  source  community  under  the  General  Public  License. 

“After  spending  a  significant  amount  of  money  to  acquire  [Linux 
desktop  and  server  company]  Ximian  and  SuSE,  it  chose  to  bury  the 
technologies  and  the  opportunity  it  acquired  under  a  flood  of  its  tradi¬ 
tional  products,”  says  Michael  Goulde.an  analyst  at  Forrester  Research. 
“Certainly  a  new  strategy  is  required  focusing  on  the  complete  applica¬ 
tion  platform.” 

Novell’s  approach  to  open  source  hasn’t  gone  unnoticed  by  cus¬ 
tomers.  Jim  Klein,  director  of  information  services  and  technology  at 
the  Saugus  Union  School  District  in  California,  for  example,  is  a  long¬ 
time  NetWare  user  and  was  co-owner  of  a  Novell  reseller  before  taking 
his  current  position  10  years  ago.  But  when  he  decided  to  migrate  his 
52  NetWare  servers  to  Linux  early  last  year,  he  opted  for  Red  Hat. 

“Ironically  when  Novell  bought  SuSE  and  committed  to  Linux,  it  legit¬ 
imized  the  platform  for  us  and  caused  us  to  look  at  it  more  seriously 
Klein  says.  But  after  reviewing  both  Red  Hat  and  Novell, “ultimately  it 
came  down  to  who  was  a  true  open  source  company 

“Novell  was,  and  is  still,  layering  their  proprietary  software  on  top  of 
Linux,  which  was  —  and  appears  to  still  be  —  their  primary  focus, ’’Klein 
says.  “Once  someone  becomes  committed  to  the  modularity  of  the 
open  source  model,  the  Novell  way  of  doing  things  doesn’t  match  up.” 

The  problem  is  that  while  the  primary  tenet  of  the  open  source  com¬ 
munity  is  to  build  applications  on  open  standards  to  allow  interoper¬ 
ability  Novell  closely  links  its  open  source  offerings  to  its  proprietary 
software,  he  says. 

“Novell  solutions,  while  they  support  open  standard  connections  to  a 
certain  extent,  rely  on  each  other  to  function,  rather  than  operating  inde¬ 
pendently  GroupWise  won’t  work  without  [Novell  Directory  Services], 
which  [management  software]  ZENworks  also  requires,”  he  says. 

What  Novell  needs  to  do  is  “become  more  a  pure-play  open  source 
company  Klein  says.“All  of  their  products  should  operate  independent¬ 
ly  of  each  other  but  complement  each  other,  and  drop  easily  into  an 
enterprise  environment,  with  full  support  for  open  standards  and  inte¬ 
gration  with  non-Novell  solutions.” 

It’s  that  kind  of  corporate  rein¬ 
vention  that  seems  to  be  driving 
Novell’s  latest  restructuring 
efforts,  analysts  say.  “Novell  is  try¬ 
ing  to  reshape  the  company  in  a 
big  way  Enck  says.  “They  are  . . . 
doing  this  with  a  real  goal  of  mov¬ 
ing  forward  and  making  some 
money  on  Linux,  identity  and  re¬ 
source  management.”® 


nww.com 

Behind  the  departures 

Columnist  Dave  Kearns  speculates  on 
why  Hubert  Mantel  left  Novell. 

DocFinder:  9858 


_DAY  32:  Can’t  find  anything.  Can’t  even  find  my  desk 
I’m  drowning  in  a  sea  of  data  (gurgle). 


I 


_DAY  33:  Finally.  I’ve  taken  back  control.  I  have 
simplified  my  storage  management  with  virtualization 
technology  from  IBM,  consolidating  the  view  of  my 
data.  Manageable.  Simple.  Genius. 


_Take  heed,  I.T.  people  of  planet  Earth.  Call  IBM. 
Before  THEY  take  over... 
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.S.,  EU  at  odds  over  ’Net 


BY  JOHN  BLAU, 

IDG  NEWS  SERVICE 

TUNIS,  Tunisia  —  Both  the 
United  States  and  the  European 
Union  are  claiming  victory  in  an 
agreement  reached  last  week 
over  Internet  governance,  one  of 
the  most  contentious  issues  being 
debated  at  the  World  Summit  on 
the  Information  Society 

The  problem  is  that  the  parties 
are  at  opposite  ends  of  the  Inter- 
net-governance  debate.  While  the 
United  States  interprets  the  agree 
merit  as  giving  it  continued  con¬ 
trol  over  the  Internet’s  core  com¬ 
ponents,  including  its  addressing 
systems,  the  EU  reads  it  as  open¬ 
ing  the  door  for  Internet  oversight 


to  be  shared  by  governments  of 
the  world. 

“The  document  is  fabulous,” said 
David  Gross,  ambassador  for  the 
Bureau  of  Economic  and  Busi¬ 
ness  Affairs  at  the  U.S.  Department 
of  State  and  the  person  leading 
the  U.S.  delegation.  “There  were 
proposals  to  create  a  governmen¬ 
tal  organization  that  might  control 
many  technical  aspects  of  the 
Internet  and,  through  this,  content 
as  well.  This  is  now  off  the  table. 
There  is  no  change  to  the  U.S.  role, 
no  change  to  [the  Internet  Cor¬ 
poration  for  Assigned  Names  and 
Numbers].” 

Gross  warned  that  opening  the 
process  to  intergovernmental 


oversight  could  weigh  down  the 
Internet  with  bureaucracy  and 
stifle  innovation. 

The  only  change  that  Gross 
acknowledged  was  an  agreement 
to  create  a  forum  to  discuss  issues 
such  as  cybercrime  and  spam.  But 
he  pointed  out  that  the“forum  will 
play  no  role  in  oversight.” 

As  the  EU  sees  it,  however,  the 
United  States  has  consented  to 
consider  a  new  oversight  body 
by  agreeing  to  the  “enhanced 
cooperation”  wording  in  the  doc¬ 
ument  approved  by  delegates  in 
the  Internet  governance  group, 
said  Martin  Selmayr,  a 
spokesman  for  EU  Information 
Society  Commissioner  Viviane 


Reding.  “The  role  of  ICANN 
shouldn’t  change,  but  what  has 
to  change  is  the  oversight  role,” 
he  said. The  EU  and  other  coun¬ 
tries  are  demanding  “oversight  in 
cooperation  and  on  equal  foot¬ 
ing,”  he  added. 

There  is  concern  that  a  stale¬ 
mate  in  the  talks  over  ’Net  gover¬ 
nance  could  result  in  govern¬ 
ments  breaking  away  to  launch 
their  own  root  file  systems  for 
managing  IP  traffic  that,  in  the 
worst-case  scenario,  are  not  inter¬ 
connected  and  interoperable; 
this  could  lead  to  a  fragmenta¬ 
tion  of  the  Internet  and  a  possi¬ 
ble  breakdown  in  global  data 
communications. 

Countries  including  China, 
Brazil  and  Russia  lobbied  inten¬ 
sively  at  the  first  summit  in 
Geneva  two  years  ago  for  changes 
to  the  current  system.  The  EU, 
which  had  initially  supported  the 
U.S. position,  made  a  surprise  turn¬ 
about  in  September,  when  it 
agreed  to  the  need  for  more  gov¬ 
ernmental  participation. 

How  do  others  interpret  the 
agreement?  Robert  Shaw,  Internet 
strategy  and  policy  adviser  at  the 
International  Telecommunic¬ 
ation  Union,  points  to  powerful 
wording  in  the  document  that 
suggests  a  dramatic  change  —  if 
not  an  end  —  to  the  dominant 
U.S.  role  in  the  Internet.’There  are 
several  paragraphs  that  call  for 
changes  in  the  way  the  Internet  is 
governed  today”  Shaw  said.  “And 
the  U.S.  has  agreed  to  these.That’s 
a  fact.” 

For  instance,  countries  should 
be  involved  in  decisions  regard¬ 
ing  their  own  top-level  domain. 
“This  is  a  definite  change  over  the 
present  situation,”  Shaw  said. 

The  document  also  recognizes 
that  all  governments  should  have 
“an  equal  role  and  responsibility 
for  Internet  governance  and  for 
ensuring  the  stability  security  and 
continuity  of  the  Internet”  and  a 
role  in  the  development  of  “glob¬ 
ally  applicable  principles  on  pub¬ 
lic-policy  issues  associated  with 
the  coordination  and  manage¬ 
ment  of  critical  Internet 
resources.” 

The  agreement  also  calls  for  the 
U.N. Secretary-General  to  initiate  a 
process  by  the  first  quarter  of  2006 
to  create  “enhanced  coopera¬ 
tion,”  or  what  the  EU  views  as  the 
seed  for  a  new  oversight  body  ■ 


Mesh 
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the  mesh-routing  protocol.  And  everyone  imple¬ 
ments  them  differently  Under  what  conditions  do 
you  hop  [from  one  node  to  another], and  to  which 
nodes?  How  do  you  actually  route  packets  through 
the  mesh?  All  these  are  answered  differently’ 

Some  products,  notably  from  Tropos,  use  a  single 
radio  to  handle  client  and  backhaul  connections. 
Cisco  and  others  use  separate  radios  for  each  con¬ 
nection.  Some  vendors  will  use  two  or  more  radios 
for  both  tasks.“Should  you  use  multiple  radios  or  not? 
And  if  yes,  how  many?”  Mathias  asks.  “No  one  to  my 
knowledge  has  done  comprehensive  tests  of  these 
products ...  to  give  us  comprehensive  benchmarks.” 

The  department  of  electrical  engineering  and  com¬ 
puter  sciences  at  the  University  of  California  at 
Berkeley  is  a  beta  site  for  the  Aironet  1500.  The 
department  has  10  nodes  deployed  around  the  uni¬ 
versity’s  campus,  which  has  hundreds  of  buildings. 

This  deployment  proved  an  unexpected  challenge, 
says  network  manager  Fred  Archibald.  Access  points 
are  designed  for  mounting  on  the  horizontal  arms  of 
municipal  light  poles.  But  few  of  these  were  on  cam- 
pus.“We  mounted  them  on  roofs, about  70  to  90  feet 
above  the  ground,”  Archibald  says.  “We  had  to  use 
specialized  directional  antennas  to  get  the  signal 
back  down  to  the  ground.” 

There  was  more  interference  than  expected  in  the 

Mixed  meshes 


802.11  5-GHz  band  Cisco  uses  to  link  the  nodes, 
Archibald  says.  The  interference  was  apparently 
caused  by  the  large  number  of  wireless  research  pro¬ 
jects  at  the  engineering  school,  he  says. 

The  1500  nodes  are  divided  into  groups,  each  of 
which  is  assigned  its  own  radio  channel,  optimizing 
throughput  for  users  and  nodes  in  each  group.  But 
that  means  fewer  routing  options  for  the  nodes  in 
each  group  in  case  of  outages  or  interference,  Archi¬ 
bald  says. “The  mesh  is  not  as  flexible  in  reconfigur¬ 
ing  itself,” he  says.“Cisco  has  told  me  they  will  get  bet¬ 
ter  in  this  in  the  future.” 

Troubleshooting  is  more  complicated  in  a  mesh. 
“The  route  [for  a  client’s  packets]  is  more  complex, 
and  it’s  constantly  changing,”  he  says.  One  major 
upgrade  during  the  beta  test  was  the  introduction 
of  a  GUI  for  the  network-monitoring  software.  The 
display  can  now  show  a  network  administrator  the 
path  that  a  client  packet  has  taken  through  a  mesh. 

Finally  the  beta  test  revealed  wide  differences  in 
how  802.11  client  adapters  cope  with  variable  sig- 
nal-to-noise  ratios  (SNR)  that  can  occur  outdoors. 
“Some  don’t  respond  if  the  SNR  is  not  as  ‘friendly’ 
outdoors,”  Archibald  says.“Some  are  rock  solid.” 

Mathias  doesn’t  expect  mesh  networks  to  take 
over  in  carpeted  offices.  “But  there  are  plenty  of 
cases  where  you  don’t  have  any  wiring,  such  as 
loading  docks  or  warehouses;  concrete,  not  carpet¬ 
ed  sites,”  he  says, “and  campus  nets  where  you  have 
a  hybrid  of  outdoor  and  indoor  wireless.”B 


Mesh  vendors  offer  a  wide  array  of  features  and  approaches  for  outdoor  WLAN  access  points. 


Vendor 

Product 

Radios  for  client  access 

Radios  for  backhaul 

Ethernet  ports 

BelAir  Networks 

BelAir  200 

1  802.11b/g 

Up  to  3  proprietary  5GHz 

Eight 

Cisco 

Aironet  1500 

1  802.11b/g 

1  802.11a 

Zero 

Firetidc 

HotPort  3203 

1  802.11a/b/g 

Same  as  for  client  access 

Two 

Nortel 

Wireless  AP  7220 

1  802.11b 

1  802.11a 

One 

Strix  Systems 

OWS  3600 

Up  to  3  802.11b/g 

Up  to  3  802.11a 

One 

Tropos  Networks 

5210  MetroMesh  Router 

1  802-llb/g 

Same  as  for  client  access 

One 
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Control  starts  with  IBM  System  Storage ™ 

Control  your  data  by  creating  pools  of  storage  that  help  simplify 
management  and  impro  ve  your  access  to  your  data. 

Control  your  data  with  virtualization  technology  designed  to  increase 
utilization  of  your  storage  devices,  helping  to  make  the  diverse  systems 
you  work  with  work  better. 


Control  your  data  with  dynamic  allocation  designed  to  sense  where 
storage  capacity  is  available  and  allot  it  automatically. 


Control  your  data  by  reducing  interruptions  to  applications  and  getting 
the  data  you  need,  regardless  of  where  it  actually  resides. 


Control  your  data  with  IBM  Systems  -  a  range  of  innovative  servers  and 
storage  designed  to  simplify  your  storage,  your  infrastructure,  your  life. 


IBM.COM/TAKEBACKCONTROL 


Storage  products  may  require  purchase  of  more  than  one  product  or  feature  to  enable  virtualization  capabilities  and  dynamic  allocations.  These  products  or  features  may  incur  an  additional  charge.  IBM,  the  IBM  logo, 
System  Storage  and  Take  Back  Control  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Other  company,  product,  and  service 
names  may  be  trademarks  or  service  marks  of  others.  ©2005  IBM  Corporation.  All  rights  reserved. 
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Oracle  bulks  up  on  identity  software 


Acquisition  scorecard 

The  identity  market  has  been  constricting  over  the  past  years,  with  most  of  the  major  vendors 
acquiring  technologies  to  build  suites  of  software  focused  on  identity  management. 


Vendor 

Acquisition/year 

Technology 

BMC 

Calendra  —  2005 

Provisioning 

Open  Networks  —  2005 

Web  access  management 

CA 

Netegrity/Business  Layers  —  2004 

Web  access  management/Provisioning 

InfoSec  (acquired  technology)  —  2005 

Provisioning 

HP 

SelectAccess  from  Baltimore  Technologies  —  2003 

Web  access  management 

TruLogica  —  2004 

Provisioning 

IBM 

Dascom  — 1999 

Web  access  management 

Access  360  —  2002 

Provisioning 

MetaMerge  —  2002 

Meta-directory 

Microsoft 

Zoomit  — 1999 

Meta-directory 

Oracle 

Phaos  —  2004 

Federation 

Oblix/Confluent  —  2005 

Web  access  management  /Federation/Web  services  management 

Thor  —  2005 

Provisioning 

Octet  String  —  2005 

Virtual  directory 

RSA 

Securant  —  2001 

Web  access  management 

Sun 

Innosoft  —  2000 

Directory  services 

Waveset  —  2003 

Provisioning 

BY  JOHN  FONTANA 

Oracle  last  week  put  the  final 
pieces  into  place  for  its  identity- 
management  suite.  Customers  say 
the  task  now  is  integrating  all  the 
parts. 

Oracle,  which  started  piecing 
together  the  suite  in  2004,  last 
week  capped  off  a  string  of  acqui¬ 
sitions  with  the  purchase  of  Thor 
Technologies,  which  develops 
provisioning  software,  and  Octet- 
String,  a  vendor  of  virtual  directo¬ 
ry  technology.  The  terms  of  the 
deals  were  not  disclosed.  Earlier 
this  year,  Oracle  bought  Oblix  and 
its  Web-access  management  and 
provisioning  software, and  in  2004 
it  bought  Phaos,  which  developed 
identity-federation  technology 

Oracle  intends  to  provide  cus¬ 
tomers,  who  are  being  driven  to 
identity  management  by  federal 
regulations  such  as  the  Sarbanes- 
Oxley  Act,  with  a  suite  of  identity 
software  for  such  tasks  as  creating 
and  managing  identities,  and 
sharpening  access  controls.  Ora¬ 
cle  plans  to  align  its  identity  plat¬ 
form  with  its  business  applications, 
another  area  where  the  company 
has  been  growing  by  acquisition. 

Users  say  they  are  aware  Oracle 
has  a  challenge  ahead. 

“They  certainly  have  all  the 
pieces  [for  an  identity  suite],  but 
the  ability  to  effectively  integrate 
is  yet  to  be  seen,”  says  a  network 
architect  with  a  Fortune  500  com¬ 
pany  that  runs  Oracle,  Oblix  and 


Thor  technologies.  “Their  claim  is 
the  [Business  Process  Execution 
Language]  is  a  key  to  integration. 
Another  aspect  of  the  task  is  con¬ 
solidation  of  technologies  —  they 
have  significant  duplication.” 

Oracle  says  Thor  Xcellerate  will 
replace  Oblix  CorelD  provision¬ 
ing  software  in  the  Oracle 


Identity  Management  (OIM) 
suite,  but  will  complement 
Oracle  Internet  Directory  with 
OctetString  Virtual  Directory.  In 
the  next  eight  weeks,  Oracle  will 
release,  certify  and  rebrand  its 
newly  acquired  products. 

In  the  first  half  of  next  year,  OIM 
will  be  upgraded  to  Version  10.1.3 


to  include  features  from  the  new 
software,  including  compliance 
automation  from  Thor  and  Octet- 
String  integration  with  Oracle 
Fusion  Middleware. 

With  OIM  1 1,  which  likely  will  be 
released  in  2007,  Oracle  will  fur¬ 
ther  deepen  the  integration. 

“Oracle  should  now  be  consid¬ 


ered  a  major  player  in  the  identity- 
management  market,”  says  Jona¬ 
than  Pfenn,  an  analyst  with  For¬ 
rester  Research.  “The  combined 
set  of  products  obtained  through 
acquisition  form  a  [Java  2  Plat¬ 
form  Enterprise  Edition]-based 
portfolio  that  has  a  flexible  ad¬ 
ministrative  model,  flexible  role 
model,  flexible  data  model  [and] 
flexible  connector  architecture.” 

Penn  warns  that  Oracle  is  behind 
competitors  such  as  IBM  and  Sun, 
which  have  been  acquiring  identi¬ 
ty  vendors  and  integrating  suites 
of  products.  And  last  week, 
Computer  Associates  shipped  CA 
Identity  Manager. 

“It  will  not  be  adequate  for 
Oracle  just  to  try  to  leverage  its 
place  in  the  enterprise  applica¬ 
tion  market.  Nor  will  it  be  enough 
to  go  after  Oracle  customers,  who 
are  also  customers  of  Sun,  IBM,  or 
CA  anyway  So  there’s  a  lot  of  work 
on  messaging,  marketing  and 
visionary-type  identity  manage¬ 
ment  ahead  for  Oracle,”  Penn  says. 

In  parallel,  Oracle  will  align  the 
identity  platform  with  its  applica¬ 
tions  platform. 

“As  we  evolve  our  identity-man¬ 
agement  offerings  we  will  shift 
our  application  repository,  not  just 
for  the  identity  data  but  for  the 
identity-management  function  of 
our  broader  management  suite,” 
says  Wynn  White,  senior  director 
of  Oracle  identity  management 
and  security  marketing.B 


Today's  security  officers  wear  many  hats 


BY  CARA  GARRETSON 

WASHINGTON  —  Effective  chief  informa¬ 
tion  security  officers  are  trusted  advisers  to 
their  companies,  respected  leaders  of  their 
technical  teams  and  risk  experts  all  at  once 
—  which  is  no  small  task,  according  to  a 
panel  of  CISOs  who  spoke  last  week  at  the 
Computer  Security  Institute’s  conference. 

During  a  keynote  discussion  entitled 
“C1SO  Panel:  Evolving  Responsibilities,”  five 
CISOs  from  various  industries  and  govern¬ 
ment  offered  opinions  on  what  it  takes  to 
become  a  CISO,  how  to  hold  on  to  the  title 
and  in  which  directions  the  job  is  heading. 

The  demand  for  a  CISO  function  has 
jumped  dramatically  in  the  past  few  years, 
largely  because  of  new  security-related  re¬ 
quirements  imposed  on  public  companies 
by  the  Sarbanes-Oxley  Act,  said  Bill  Han¬ 
cock,  vice  president  of  global  security  solu¬ 


tions  and  CSO  at  IT  services  company 
Sawis  Communications.  Because  of  the 
criminal  charges  that  the  act  may  impose 
on  corporate  officers  who  violate  the  law, 
one  could  say  that  the  CISOs  job  is  to  keep 
management  out  of  jail,  Hancock  said. 

Another  panelist  joked  that  while  corpo¬ 
rate  security  is  a  cost  center  and  its  value 
can’t  be  easily  gauged,  if  ROI  is  defined  not 
as  return  on  investment  but  as  “risk  of  incar¬ 
ceration,”  suddenly  it  seems  worth  funding. 
“Security  is  all  about  risk  avoidance  . . .  I’ve 
found  it  impossible  to  quantify  said  Jennifer 
Bayuk,  CISO  and  managing  director  with 
financial  services  firm  Bear  Steams. 

The  panelists  agreed  it’s  getting  easier  to 
sell  the  need  for  security  to  both  company 
executives  and  customers,  as  breaches 
have  become  headlines  since  a  California 
law  took  effect  this  year.  That  law  forces 


companies  doing  business  in  the  state  to 
disclose  when  an  event  occurs  that  could 
lead  to  theft  of  personal  data. 

While  the  need  for  security  must  be 
stressed,  so  should  the  reality  that  there’s  no 
such  thing  as  100%  security,  said  Jack  Jones, 
CISO  of  Nationwide  Insurance.  “If  perfect 
security  isn’t  achievable,  then  we’re  manag¬ 
ing  the  frequency  and  magnitude  of  loss. . . . 
We  have  to  become  experts  at  risk,"  he  said. 

Experts  manage  risk,  don’t  take  risks, 
Jones  added,  which  is  why  the  CISO  posi¬ 
tion  is  not  typically  a  path  to  the  corner 
office. “CEOs  have  to  have  a  high  tolerance 
for  risk.  I  find  I’m  risk-averse,”  he  said. 

Yet  some  CISOs  are  finding  that  manag¬ 
ing  risk  and  understanding  the  company’s 
business  means  they  are  asked  for  help  by 
many  departments.  Meanwhile,  CISOs 
need  to  keep  up-to-date  with  technology  to 


manage  effectively  They  must  be  “technical 
enough  so  you’re  not  snowed,  but  have 
enough  management  [skills]  that  you  can 
fit  in  and  talk  to  business  folks,”  said  Jane 
Scott  Norris,  CISO  with  the  U.S.  Department 
of  State. 

Another  key  skill  for  CISOs  is  to  under¬ 
stand  auditing  and  use  it  to  their  favor.  “If 
you  can’t  demonstrate  that  you’re  secure,  it 
doesn’t  count,”  Bayuk  said.  ■ 
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Deploying  VoIP  Successfully 

in  Your  Organization 

A  Solution  for  the  Entire  VoIP  Lifecycle. 


In  today's  competitive  environment,  many  organizations  are  turning  to 
VoIP  (Voice  over  Internet  Protocol)  as  a  way  to  cut  costs,  boost  productivity, 
and  increase  their  competitive  advantage.  In  fact,  more  than  70  percent  of 
organizations  now  use  VoIP  in  some  capacity*  However,  VoIP  systems  present 
some  special  IT  challenges.  First,  because  end  users  expect  IP  phones  to  work 
as  reliably  as  land  lines,  VoIP  systems  must  meet  exceptionally  high  quality  and 
performance  standards.  Second,  even  if  the  system  works  fine  initially,  later 
network  changes  could  affect  call  quality  -  or  a  growing  VoIP  system  could 
affect  other  mission-critical  applications.  So  to  minimize  problems,  you  need  to 
verify  before  deployment  that  your  infrastructure  can  support  VoIP;  thoroughly 
examine  all  system  elements  during  deployment;  and  manage  your  VoIP  system 
proactively  after  deployment,  including  ongoing  monitoring,  troubleshooting, 
and  planning  for  future  growth. 


Pre-deployment/deployment 

Before  deployment,  Fluke  Networks 
tools  help  you  qualify  your  cabling 
infrastructure  to  make  sure  it  can  support 
VoIP.  For  example,  NetTool  VoIP  enables 
you  to  verify  Ethernet  connectivity,  speed. 
Power  over  Ethernet  (PoE),  VLAN  and  port 
configuration  for  each  link,  and  more. 

In  addition,  during  deployment,  NetTool 
VoIP  verifies  that  the  IP  phone  and 
network  can  communicate. 

Ongoing  monitoring  and 
management 

After  deployment,  you  need  to  monitor 
bandwidth  usage  and  QoS  (quality  of 
service)  for  both  the  VoIP  system  and  the 
network  as  a  whole,  quickly  determine 
the  source  of  any  degradation,  and  fix  it. 
OptiView  Protocol  Expert  and  Link  Analyzer 
monitor  bandwidth  utilization  and  gener¬ 
ate  alarms  when  QoS  thresholds  are 
exceeded.  ReporterAnalyzer  provides  a 
combination  of  real-time  insight  and 
long-term  data  anaLysis,  helping  to 
identify  the  VoIP  system's  role  in  traffic 
volume  and  prioritization  as  well  as  call 
pathways  used.  The  OptiView  Integrated 
Network  Analyzer  isolates  call  setup  prob¬ 
lems  at  different  locations  on  the  network; 
and  WAN  Analyzer  sits  outside  the  router 
and  monitors  all  inbound  and  outbound 
traffic  for  an  entire  interface  or  location. 


Troubleshooting 

The  network's  edge  is  a  good  place  to  start 
troubleshooting,  and  NetTool  VoIP  is  the 
ideal  tool,  showing  communication  details 
between  the  IP  phone  and  call  server. 

If  no  problem  exists  there.  Protocol  Expert 
and  Link  Analyzer  provide  more  in-depth 
troubleshooting,  generating  real-time 
QoS  analysis  to  quantify  and  isolate 
the  degradation,  plus  packet  analysis 
to  uncover  configuration  problems.  In 
addition,  Integrated  Network  Analyzer** 
shows  detailed  VoIP  information  for  every 
call  captured.  With  these  tools,  you  can 
identify  both  single-user  problems  and 
those  propagated  among  many  users. 

Planning  for  future  growth 

Many  organizations  deploy  VoIP  in 
batches,  starting  with  a  pilot  program 
and  then  rolling  it  out  more  extensively. 
Studying  trend  and  baseline  data  from 
your  current  system  will  help  you  deter¬ 
mine  whether  you  have  enough  capacity 
to  handle  growth  or  need  to  add  new 
resources.  ReporterAnalyzer  provides 
capacity  planning  information  and  shows 
the  rate  at  which  VoIP  traffic  volume  has 
grown  over  time,  while  Protocol  Expert 
and  Link  Analyzer  provide  a  performance 
baseline  by  calculating  an  aggregate 
health  score  for  all  VoIP  calls  being 
carried  over  a  specific  link  or  VLAN. 


*  Network  World  Special  Report  - 
VoIP:  Challenges,  Drivers,  Hurdles  and  Recommendations 

**  Integrated  Protocol  Expert  will  be  available  on  the 
Integrated  Network  Analyzer  in  Q4,  2005. 
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A  VoIP  lifecycle  solution 

To  help  you  with  these  tasks.  Fluke 

Networks  offers  a  comprehensive  solution 

that  enables  you  to  manage  the  complete 

VoIP  lifecycle.  The  solution  includes: 

•  NetTool™  VoIP,  an  easy-to-use,  portable 
tool  for  testing  communications  between 
the  IP  phone  and  other  elements  of  the 
VoIP  network,  and  for  troubleshooting 
problems  at  the  network's  edge. 

•  OptiView™  Protocol  Expert,  a  protocol 
analysis  and  monitoring  solution  that  can 
quickly  isolate  and  resolve  problems  such 
as  slow  response  times. 

•  OptiView™  Link  Analyzer,  a  hardware 
analyzer  that  works  with  Protocol  Expert 
to  report  on  network  traffic  and  provides 
real-time  packet  capture  and  analysis, 

QoS  metrics,  and  alerts. 

•  OptiView™  Integrated  Network  Analyzer, 
a  portable  analyzer  that  captures  and 
analyzes  voice  traffic  and  provides  QoS 
assessments  for  each  call. 

•  OptiView™  WAN  Analyzer,  a  multi-function 
analyzer  that  provides  in-depth  analysis  of 
WAN  interfaces. 

•  ReporterAnalyzer™,  a  NetFlow-based 
monitoring  and  analysis  solution  that 
provides  enterprise-wide  visibility  into 
bandwidth  usage. 


What  makes  this  comprehensive, 

single-vendor  solution  unique  is  that: 

•  All  products  offer  both  network  and 
VoIP  specific  analytics  -  an  essential 
combination,  since  each  has  a  potential 
impact  on  the  other. 

•  QoS  analytics  isolate  statistics  by 
channel,  a  more  powerful  approach  than 
single-call  measurements  because  it  iso¬ 
lates  the  direction  of  degradation. 

•  All  products  use  real-time  monitoring 
or  packet  analysis,  basing  results  on 
real  traffic,  not  synthetic  tests. 

•  The  Fluke  Networks  solution  provides 
end-to-end  VoIP  lifecycle  manage¬ 
ment  with  differentiated  measurement 
and  analysis  solutions  that  align  to  your 
deployment  needs. 

For  more  information 

To  learn  more  about  how  Fluke  Networks' 

comprehensive  VoIP  lifecycle  management 

solution  can  help  you,  visit 

www.flukenetworks.com/voip. 
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PREEMPTIVE  SECURITY  IS  HERE: 


THE  FUTURE  OF  YOUR 


security 


WITH  PREEMPTIVE  PROTECTION. 


Proventia  ESP  (Enterprise  Security  Platform)  from  ISS  stops  Internet  threats  before  they  impact  your  network.  With  intrusion  prevention  and  vulnerability 
assessment  products  and  services,  Proventia  ESP  gives  you  centralized  control  and  enables  network  uptime.  Only  ISS  keeps  you  ahead  of  the  threat  with 
preemptive  protection  to  suit  your  needs.  Download  a  free  white  paper  at  www.iss.net/ESP/network,  or  call  1-800-776-2362. 


Q  Internet  I  Security  I  Systems* 

Ahead  of  the  threat.  ™ 


NETWORK  &  HOST  INTRUSION  PREVENTION  I  VULNERABILITY  MANAGEMENT  I  MANAGED  SECURITY  SERVICES 


©2005  Internet  Security  Systems  Incorporated.  All  rights  reserved. 
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WET  INFRASTRUCTURE 

SECURITY  SWITCHING  R  ROUTING  R  VPNS  R  BANDWIDTH  MANAGEMENT  VOIP  WIRELESS  LANS 


Short  Takes 


■  Sales  of  enterprise  router  and 
switch  gear  grew  in  the  third  quar¬ 
ter,  as  users  sought  to  install  more 
secure  WAN  connections  and  faster, 
more  intelligent  LAN  pipes.  According 
to  Infonetics  Research,  the  enterprise 
router  market  grew  8%  between  July 
and  September  2005,  with  $859  mil¬ 
lion  in  worldwide  revenue.  Secure 
routers,  or  boxes  that  roll  firewall, 
VPN  and  WAN  connectivity  into  a  sin¬ 
gle  device,  also  are  becoming  more 
popular,  as  sales  of  such  gear  rose 
21%  from  the  previous  quarter.  Sales 
of  such  gear  has  doubled  since  the 
third  quarter  a  year  ago.  Cisco  domi¬ 
nated  the  enterprise  router  market  in 
the  third  quarter,  accounting  for  80% 
of  sales.  Layer  2  and  Layer  3  Ethernet 
switch  sales  climbed  6%  in  the  third 
quarter,  to  $3.95  billion.  But  10G 
Ethernet  and  Layer  4-7  gear  was  par¬ 
ticularly  hot:  10G  sales  were  up  29% 
from  the  previous  quarter,  and  Layer 
4-7  gear  sales  were  up  19%  from  the 
same  quarter  a  year  ago. 

■  ServGate  last  week  streamlined 
the  pricing  of  its  multiservice  security 
platforms  so  customers  pay  a  lower 
flat  price  for  the  hardware  and  securi¬ 
ty  software  no  matter  how  many 
users  they  support.  When  customers 
buy  ServGate  EdgeForce  appliances, 
they  get  unrestricted  use  of  anti-virus 
software,  spam  filtering,  URL  filtering 
and  intrusion  detection  in  addition  to 
firewall  and  VPN  support.  In  the  past, 
customers  would  buy  ServGate  hard¬ 
ware  and  firewall/VPN  devices  and 
then  pay  extra  for  other  security 
applications,  as  well  as  license  fees  to 
add  users.  The  company’s  new  Edge- 
Force  1000  appliance  costs  $14,000, 
while  a  similarly  configured  version  of 
its  old  EdgeForce  Accel  appliance 
with  equal  throughput  cost  $16,000. 
ServGate  also  is  offering  new  Edge- 
Force  hardware.  The  five  platforms 
are  called  EdgeForce  M30,  M100, 

M200,  M400  and  MIOOO.They  range  in 
throughput  from  75M  bit/sec  to  1G 
bit/sec.  Pricing  for  the  new  EdgeForce 
gear  is:  M30,  $1,100;  M100,  $3,000; 
M200,  $4,000;  M400,  $9,000;  and  M700, 
$14,000. 


Cisco  expands  WLAN  product  line 


BY  JOHN  COX 

New  Cisco  products  take  the  next  step  in 
helping  customers  integrate  wireless 
LANs  with  Cisco  wired  network  gear  and 
extending  them  outdoors. 

Two  new  boards,  for  the  Catalyst  6500 
switch  and  the  Integrated  Services  Router 
(ISR),  centralize  management  and  admin¬ 
istration  of  Ciscos  thin  access  points 
inside  network  chassis,  without  requiring 
users  to  install  separate  WLAN  controllers. 
Also,  a  new  outdoor  mesh  access  point 
finally  brings  Cisco  into  a  burgeoning 
market  that’s  been  dominated  by  rivals 
such  as  BelAir,  Nortel,  Strix  and  Tropos. 

All  three  products, announced  last  week, 
are  based  on  technology  developed  by 
WLAN  switch  vendor  Airespace,  acquired 
by  Cisco  earlier  this  year  to  create  a  wire¬ 
less  architecture  of  stripped-down  access 
points  linked  to  a  central  switch,  now 
dubbed  a  controller. 

The  two  boards  are  the  Cisco  Wireless 
Service  Module  (WiSM)  for  the  6500  and 
the  Cisco  Wireless  LAN  Controller  Module 


The  new  Cisco  Aironet  1500  access  point  cre¬ 
ates  an  outdoor  802.11  wireless  mesh.  In 
each  device,  one  radio  is  dedicated  to  linking 
the  access  points  via  802.11a,  a  second  to 
connecting  with  802.1  Ib/g  clients. 

for  the  ISR.  Cisco  says  it  has  sold  more  than 
300,000  6500  boxes  and  over  a  half-million 
ISRs.  The  majority  of  those  products  can 
accept  the  new  boards,  according  to  Alan 
Cohen, senior  director  of  product  manage¬ 
ment  for  Cisco’s  Wireless  Network  Busi¬ 
ness  Unit. 

The  new  6500  blade  incorporates  the  guts 


of  a  Cisco  WLAN  controller.  Each  blade 
delivers  8G  bit/sec  of  throughput  and  can 
manage  as  many  as  300  access  points.  By 
comparison,  a  blade  introduced  before  the 
Airespace  acquisition  supported  150  access 
points.  Aruba  Wireless  Networks,  another 
WLAN-controller  vendor,  offers  its  high-end 
stand-alone  6000  Mobility'  Controller,  which 
supports  8G  bit/sec  of  throughput  and  as 
many  as  512  access  points. 

The  Cisco  blade  works  with  the  com¬ 
panion  thin  access  points  and  existing 
Aironet  access  points  that  have  been 
upgraded  with  additional  software.  As 
many  as  five  blades  can  be  installed  in 
each  6500.  Each  blade  bundles  an  array  of 
Cisco  network  and  radio  frequency- 
management  software,  including  intru¬ 
sion-prevention  features. 

But  the  new  blade  lacks  true  integration 
with  the  Cisco  switch  fabric,  Cohen 
acknowledges.  The  WiSM  simply  shares 
the  6500’s  Supervisor  module,  which  pro¬ 
vides  the  switching  fabric  for  the  entire 

See  Cisco,  page  26 


3Com  device  powers  up  security 


BY  PHIL  HOCHMUTH 

3Com  last  week  launched  a  multifunction 
security  device  that  combines  intrusion 
detection,  firewall,  VPN  and  WAN  routing 
features  in  one  box. 

The  TippingFbint  X505  is  the  first  product 
jointly  developed  by  3Com  and  Tipping¬ 
Fbint  since  3Com  acquired  the  intrusion- 
prevention  system  (IPS)  vendor  last  year. 
The  result  is  a  device  that  3Com  says  can 
help  stop  malware,  spyware  and  viruses  at 
the  enterprise  edge  without  having  to  stack 
multiple  router,  firewall, VPN  and  IPS  boxes 
on  top  of  each  other. 

The  device  is  a  single-rack-unit  device 
with  four  10/100M  bit/sec  Ethernet  ports, 
capable  of  supporting  up  to  50M  bit/sec  of 
IPS,  firewall  and  IPSecVPN  throughput,  with 
as  many  as  1,000  VPN  tunnels.  Standard 
routing  protocols  —  RIP  Versions  1  and  2 
and  IP  multicast  —  are  supported,  as  well 
as  network-address  translation  capabilities. 

Advanced  security  features  include  URL 
and  content  filtering,  and  support  for 
TippingPoint’s  Digital  Vaccine  service, 
which  regularly  updates  the  device  with  sig¬ 
natures  and  definitions  for  spyware,  anti¬ 


virus,  and  other  dangerous  code  and  attack 
methods,  allowing  users  to  set  up  blocking 
rules  for  suspicious  traffic. 

The  four  ports  on  the  box  can  be  config¬ 
ured  in  what  TippingPoint  calls  security 
zones,  which  can  monitor  various  segments 
of  a  network,  such  as  specific  virtual  LANs 
(VLAN)  and  incoming  traffic.  Users  also 
can  use  traffic-shaping  features  on  the 
device  to  allocate  certain  amounts  of  band¬ 
width  to  users  on  specific  security  zones. 

The  X505  was  tested  recently  on  the  net¬ 
work  at  the  East  Grand  Rapids,  Mich.,  pub¬ 
lic  schools,  where  it  runs  as  an  IPS  device, 
firewall  and  LAN  switch,  separating  the 
school’s  public  wireless  LAN  from  the  main 
network. 

“So  far,  it’s  replaced  three  different 
devices,”  says  Jeff  Crawford,  manager  of  net¬ 
working  and  security  for  the  school  district. 

Crawford  says  he’s  seen  no  performance 
issues  with  the  device,  and  that  managing 
security  policies  is  easier  now  because  he 
only  has  to  use  one  device  interface.  He 
says  the  product  brings  the  advanced  secu¬ 
rity  features  of  TippingFbint  together  with 
more  affordable  3Com-based  network  gear. 


“TippingFbint  was  always  that  piece  that 
you  always  salivated  over,  but  you  could 
never  afford  it,”  Crawford  says.  “The  thing 
that’s  always  been  attractive  to  us  about 
3Com  is  that  it  is  affordable  for  school  dis¬ 
tricts  like  ours.” 

One  caveat  Crawford  sees  with  the  X505  is 
that  he  was  not  able  to  fine-tune  the  IPS  fea¬ 
tures  to  monitor  specific  sub-segments  of 
his  internal  network  —  particularly,  the 
wireless  segment,  which  runs  as  its  own 
VLAN  segment.  He  says  3Com  is  working 
with  him  on  the  issue. 

The  3Com  TippingPoint  X505  is  sched¬ 
uled  to  be  available  next  month  starting  at 
$4,000.  ■ 


nww.Gom 

More  details 

Listen  to  an  audio  file  of  the  interview  with  Jeff 
Crawford,  with  more  details  on  his  beta  test  of  the 
3Com  TippingPoint  X505. 
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Cisco’s  ‘pals’  offer  new  strategy 


Kevin  Tolly 


Whatever  one  might  think  of  the 
technology  that  Cisco  sells,  few 
would  argue  against  the  compa¬ 
ny’s  success  as  a  marketing 
machine.  Stories  abound  in  the 
industry  about  Cisco  bringing  in 
the  “big  guns”  to  sway  customer 
executives  back  to  Cisco  after  a 
wayward  network  architect  rec¬ 
ommended  the  competition.And, 
for  that  competition,  making 
progress  against  Cisco  often  has 
been  as  productive  as  trench  war¬ 


fare  in  World  War  I  —  that  is,  not 
productive  at  all.  But  that  might  be 
changing. 

“Introducing  Cisco  plus.”  So 
began  a  three-quarter-page  ad  in  a 
recent  issue  of  The  Wall  Street 
Journal  Accustomed  to  seeing 
prominent  Cisco  ads,  I  read  on  to 
see  what  the  message  would  be 
this  time  around.  As  1  scanned  the 
top  of  the  ad,  I  saw  keywords  you’d 
expect:  “intelligence,”  “optimizes 
applications,”  “security’  all  above 
the  fold,  as  they  say  in  newspaper 
parlance. 

It  was  only  after  I  flipped  the 
paper  over  to  read  the  remainder 
that  I  realized  it  was  a  3Com 
advertisement.  Time  to  stop  and 
rewind.  What  is  going  on  here? 
Did  Cisco  acquire  3Com  and  I 


failed  to  notice? 

In  fact,  it  appears  to  be  a  bold 
example  of  what  I’m  starting  to 
call  the  “Friends  of  Cisco”  com¬ 
petitive  strategy  —  and  3Com 
isn’t  the  only  one  to  take  this 
“leverage  Cisco  by  buying  from 
us”  approach.  You’ll  be  seeing  it 
pop  up  more  and  more  from 
other  vendors. 

After  the  boldface  Cisco  open¬ 
ing,  3Com  goes  on  to  tout  what  it 
calls  its  “plus”  approach  —  adding 
intelligence  and  more  (noted 
above)  to  an  existing  Cisco  infra- 
structure.Then,just  below  the  fold, 
3Com  tells  you  what  you  “lose”  by 
going  with  3Com  —  “Minus  the 
forklift.  Minus  the  lock-in.” 

The  ad  ends  in  not-so-fine  print: 
“Cisco  ...  is  not  affiliated  with  nor 


does  it  endorse  the  products  or 
services  of  3Com  Corp.Whoa!  Big 
surprise  [sic] .  So,  yes,  we  do  com¬ 
pete  with  Cisco,  but  we  also  exist 
with  them  as  an  overlay  to  your 
current  network.”  And,  yes,  the 
“Whoa!  Big  surprise”is  3Com s  text 
and  not  an  editorial  addition. 

To  go  back  to  the  trench-warfare 
analogy  it  is  as  if,  rather  than  flying 
the  white  flag  in  surrender,  one 
side  just  stood  up  and  said, “Hey 
why  are  we  fighting?  Let’s  go  have 
lunch,”  and  then  uses  that  as  a  way 
to  get  over  to  the  enemy  in  order 
to  get  access  to  areas  behind  the 
battle  lines. 

Beneath  its  logo,  3Com  lists 
“security  VoIP  wireless,  switching, 
routing,  services”  as  areas  with 
which  it  can  help  customers. 


Whoa!  (this  time  it’s  mine)  — 
Cisco  has  offerings  in  every  one  of 
these  areas  too. 

The  message  would  seem  to  be: 
“Cisco: We  come  in  peace  ...to  try 
to  take  your  business  away*  It 
might  just  work. 

(Disclaimer  While  3Com  is  a 
testing  client  of  The  Tolly  Group, 
we  do  not  provide  consulting  to 
the  company  I  first  found  out 
about  this  strategy  when  I  picked 
up  the  WSJ  and  saw  the  advertise¬ 
ment. The  Tolly  Group  had  no  con¬ 
nection  with  this  effort.) 

Tolly  is  president  of  The  Tolly 
Group,  a  strategic  consulting  and 
independent  testing  company  in 
Boca  Raton,  Fla.  He  can  be 
reached  at  ktolty@tolly.com. 


Enterasys  sells,  goes  private 


BY  PHIL  HOCHMUTH 

Enterasys  Networks  will  become  a  private  compa¬ 
ny,  as  it  agreed  to  a  $386  million  buyout  offer  by  two 
private  investment  firms  last  week. 

Enterasys,  which  makes  LAN  switches  and  routers, 
firewall,  intrusion-detection  and  other  network  secu¬ 
rity  gear,  will  be  acquired  by  The  Gores  Group  and 
Tennenbaum  Capital  Partners  for  $13.92  per  share. 

“This  transaction  provides  our  shareholders  with  a 
substantial  premium  over  the  current  market  and 
enterprise  values  of  the  company  said  Mark  Aslett, 
president  and  CEO  of  Enterasys,  in  a  statement.  “We 
believe  operating  as  a  private  company  with  the 
backing  of  Gores  and  Tennenbaum  will  enable  us  to 
capture  market  opportunities  not  available  to 
Enterasys  today’ 

Aslett  and  the  Enterasys  management  team  will 
remain  in  charge  of  the  network  company  The  deal 
is  expected  to  close  by  year-end. 


Tennenbaum  Capital  Partners  has  more  than  $3.7 
billion  under  management.  The  Gores  Group  man¬ 
ages  13  software  and  other  technology  companies. 
In  2002  it  bought  Enterasys’  network  management 
arm.Aprisma  Management  Technologies,  and  sold  it 
in  January  to  Concord  Communications  —  now  a 
Computer  Associates  company  Gores  acquired  and 
sold  off  other  network  vendors  and  other  technolo¬ 
gy  companies  over  the  last  several  years. 

Enterasys’  products  compete  with  offerings  from 
vendors  such  as  3Com,  Cisco,  Extreme  Networks, 
Foundry  Networks, HP  ProCurve, Nortel  and  ForcelO. 

Enterasys  struggled  the  last  few  quarters,  with  its 
net  losses  growing  from  $5.8  million  in  September 
2004  to  $23.6  million  in  June  2005.  It  posted  a  major 
upswing  in  September,  with  $72.9  million  in  net 
income  on  $81.8  million  in  sales.  Since  August,  the 
company’s  share  price  has  risen  from  as  low  as  $1  to 
$13.25  at  the  close  of  the  market  last  Wednesday  ■ 


McAfee  unveils  anti-spyware  wares 


BY  ELLEN  MESSMER 

McAfee  last  week  unveiled  anti¬ 
spyware  software  for  business  cus¬ 
tomers  to  block  and  eliminate 
adware,  dialers,  keyloggers,  cook¬ 
ies  and  remote-control  programs, 
such  as  bots. 

McAfee  AntiSpyware  Enterprise 
can  be  managed  via  the  same 
console  used  to  manage  McAfee’s 
anti-virus  products,  the  ePolicy 
Orchestrator  for  larger  compa¬ 
nies,  or  the  Protection  Pilot  for 
small  offices.  McAfee  also 
announced  its  managed  online 
anti-virus  scanning  service  has 


added  spyware  detection  and  will 
be  offered  under  a  new  name, 
McAfee  Managed  VirusScan  plus 
AntiSpyware. 

The  McAfee  AntiSpyware  Enter¬ 
prise  software  and  the  online  anti¬ 
virus  service  use  the  same  spy- 
ware-detection  signatures,  says 
McAfee  marketing  manager 
Lillian  Wu. 

She  says  McAfee  is  charging 
35%  more  for  the  additional  spy- 
ware  detection  that’s  now  part  of 
the  online  anti-virus  service,  mak¬ 
ing  the  total  cost  $36  per  user  per 
year.  However,  the  additional  anti¬ 


spyware  functionality  will  be  pro¬ 
vided  without  additional  cost  to 
existing  VirusScan  customers  until 
their  VirusScan  contract  expires 
and  is  set  for  renewal. 

The  only  competitor  offering  the 
same  type  of  combined  anti-virus 
and  anti-spyware  scanning  ser¬ 
vice  is  Panda  Software.  Many 
security  software  vendors,  such  as 
Computer  Associates  and  Syman¬ 
tec,  offer  anti-spyware  products. 

McAfee  AntiSpyware  Enterprise 
software  starts  at  $20  per  seat  for 
as  many  as  25  nodes  but  drops  to 
$6  per  seat  for  10,000  or  more.® 


Cisco 
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chassis,  moving  traffic  across 
ports  on  different  line  cards 
inside  the  switch.  And  if  the  chas¬ 
sis  has  modules  for  a  firewall  or 
intrusion-detection  service,  the 
WiSM  can  make  use  of  these  fea¬ 
tures,  according  to  Cohen. 

But  the  actual  management, 
administration  and  security  for 
the  WLAN  is  still  handled  sepa¬ 
rately  from  the  wired  network. 
That  will  change  over  time, 
Cohen  says,  as  Cisco  adds  soft¬ 
ware  to  tie  its  wireless  networks 
into  ambitious  schemes  such  as 
the  “self-defending  network”  pro¬ 
ject,  which  envisions  a  network 
that  can  automatically  evaluate 
and  adapt  to  network  threats.  But 
Cohen  provided  no  more  detail 
than  other  Cisco  executives  pro¬ 
vided  six  months  earlier  on  how 
or  when  this  higher-level  integra¬ 
tion  will  be  created. 

Each  WiSM  blade  costs  $45,000, 
much  more  than  the  $18,000 
charged  for  the  first  wireless 
blade  introduced  before  the 
Airespace  acquisition.  The  WiSM 
cost  compares  with  $35,000  for 
the  high-end  stand-alone  Cisco 
4400  controller. 

The  Wireless  LAN  Controller 
Module  for  the  ISR  2800  and  3800 
series  products  manages  no 
more  than  six  access  points,  more 
than  enough  for  the  typical 
branch  or  small  office.  The  mod¬ 
ule  can  communicate  over  a 
WAN  link  to  a  central  Cisco  con¬ 


troller  or  the  WiSM.  The  central 
controller  can  send  configura¬ 
tion  and  security  settings  for  the 
branch  office  access  points,  and 
manage  them  remotely.  This 
board  is  priced  at  $2,300. 

Both  boards  are  in  beta  test  and 
are  scheduled  to  ship  next  month. 

The  mesh  product,  the  Cisco 
Aironet  1500,  is  the  company’s 
late  entry  into  a  burgeoning  mar¬ 
ket  for  outdoor  wireless  networks 
that  can  route  packets  among 
wireless  nodes,  thereby  minimiz¬ 
ing  cable  costs  and  sidestepping 
outages  or  radio  interference. 

The  1 500  has  two  radios:  it  uses 
802.1  lb/g  connections  with 
client  devices,  and  802.11a  for 
backhaul  and  routing  among  the 
various  nodes.The  mesh  can  sup¬ 
port  up  to  eight  hops,  but  Cisco 
recommends  a  maximum  of  four, 
according  to  Cohen.  One  or  more 
of  these  nodes  connects  to  any 
existing  Cisco  WLAN  controller. 
The  node  is  fully  managed  by 
Cisco’s  Wireless  Control  System 
management  application. 

The  1500  uses  Advanced 
Encryption  System  to  encrypt 
links  between  mesh  nodes,  and 
supports  Wi-Fi  Protected  Access 
2  (WPA2),  WPA,  and  Wired 
Equivalent  Privacy  for  client  con¬ 
nections. 

The  1500  is  priced  at  $4,000.  ■ 

WIRELESS  IN 
THE  ENTERPRISE 
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Getting  to  the  Core  of  Backup  Problems 

By  eliminating  network  congestion,  ForcelO  curbed  the  unpredictable  backup  times  hurting  this  insurance  firm’s  productivity. 


"It  was  difficult  to  explain  to  our 
executive  group  that  we  couldn't 
reliably  predict  how  long  the  backup 
would  take." 

Colin  Hines 

Senior  Administrator  of  Network  and  Security  Infrastructure  at  Tower  Hill 


On  those  occasional  nights  when  the  backup  process 
for  Tower  Hill  Insurance  Group's  policy  management 
application  took  a  full  16  hours,  employees  arriv¬ 
ing  for  work  would  find  themselves  locked  out  of  the 
application.  "No  one  could  do  anything,"  says  Colin 
Hines,  Tower  Hill's  Senior  Administrator  of  network  and 
security  infrastructure.  "It  was  difficult  to  explain  to  our 
executive  group  that  we  couldn't  reliably  predict  how 
long  the  backup  would  take." 

Based  in  Gainesville,  Fla.,  and  with  offices  in  Ken¬ 
tucky,  Tower  Hill  is  a  leading  property  and  casualty 
insurer  providing  coverage  for  homes,  rental  proper¬ 
ties,  personal  automobiles,  and  commercial  property  to 
500,000  policy  holders  in  Florida.  The  company  has  a 
Web-enabled  IT  and  billing  infrastructure  that  supports 
its  400  employees  and  enables  it  to  attract  new  agents 
and  cost  effectively  scale  its  business. 


Each  night  Tower  Hill  backs  up  data  relating  to 
policies  and  claims  -  about  4  terabytes.  With  the  total 
volume  of  company  data  doubling  every  two  years  and 
hitting  15  terabytes  this  year,  the  strain  on  the  network 
began  to  show.  In  particular,  the  time  needed  to  back 
up  its  business-critical  policy  management  application 
became  unpredictable. 

To  ensure  data  integrity,  IT  first  backs  up  the  appli¬ 
cation  to  capture  daily  changes,  then  runs  an  update 
process  that  inserts  information  such  as  policy  renewal 
dates,  and  then  backs  up  the  application  again.  While 
the  update  process  completed  in  a  predictable  time- 
frame,  each  backup  took  anywhere  from  four  to  seven 
hours.  On  average,  the  three-stage  backup  and  update 
process  required  13  hours.  When  backup  times  ran 
longer,  employees  arriving  for  work  were  locked  out 
of  the  system. 


Logical  diagram  of  Tower  Hill’s  primary  network  in 
Gainesville,  Florida,  and  remote  disaster  recovery  site 
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Ripple  Effects 

The  network  became  the 
first  thing  the  server  group 
blamed  for  the  varying 
backup  times,  Hines  notes, 
since  they  could  easily 
check  out  their  equipment. 
Hines,  on  the  other  hand, 
was  spending  25  to  30 
percent  of  his  time  moni¬ 
toring  and  troubleshooting 
the  network,  and  finding 
work  arounds  to  conges¬ 
tion  problems.  When  he 
determined  that  the  volume 
of  data  coming  into  blades 
on  his  two  core  routers  was 
greater  than  the  blades' 
connection  to  the  routers' 
backplanes,  he  helped  the 
server  team  work  around 
the  oversubscription  prob¬ 
lem  by  balancing  where 
servers  plugged  into  the 
network. 

It  bought  them  some 
time.  But  it  meant  Hines 


needed  to  direct  the  server  team  each  time  a  new 
server  was  brought  on  line.  The  unpredictable  backup 
times  impacted  IT  in  other  ways,  as  well.  Routine 
maintenance  and  software  releases,  for  example,  had 
to  be  done  on  weekends  as  it  was  impossible  to  do 
them  at  night. 

With  traffic  volumes  continuing  to  escalate,  Hines 
knew  something  had  to  give.  "Our  core  couldn't  han¬ 
dle  the  amount  of  data  we  were  pushing  through  it," 
he  says.  "And  I  want  the  network  to  be  something  you 
can  just  plug  into  and  it  goes."  It  was  time  to  upgrade 
the  network  core. 

Wanted:  Performance  and  Reliability 

When  Hines  began  evaluating  new  core  devices, 
he  knew  what  he  wanted.  "We  buy  best  in  breed," 
he  notes.  "We  needed  line-rate  throughput,  non- 
blocking  gigabit  interfaces,  and  access  lists.  And  we 
needed  reliability." 

Tower  Hill's  search  for  a  new  core  router  led  them 
to  ForcelO.  Hines  installed  a  ForcelO TeraScale  El 200 
switch/router  in  early  2005  and  has  watched  the  com¬ 
bined  time  for  both  pre-  and  post-update  backups  of 
the  policy  management  application  drop  to  a  consistent 
2.5  hours.  What  used  to  be  a  13  hour  or  more  backup 
and  update  process  is  now  routinely  done  in  five. 

"One  of  the  really  attractive  things  about  the  Forcel  0 
El  200  is  that  it's  full  rate  line  speed,  non-blocking.  It's 
not  oversubscribed,  as  were  other  core  switches  I  eval¬ 
uated,"  says  Hines.  Each  server  now  has  true  gigabit 
access  to  every  other  server  and  device  on  the  network. 
In  addition,  the  El 200  supports  active  redundant  links 
with  immediate  failover  if  one  link  fails.  As  a  result, 
each  Tower  Hill  server  with  dual-gigabit  interfaces  has 
a  2-Gbps  connection  to  the  core  whereas  the  previous 
core  routers  only  supported  one  active  connection  in  a 
dual-homed  configuration. 

In  addition,  the  El 200  is  a  fully  redundant  system, 
ensuring  continuous  uptime  for  the  network.  And 
Hines  has  been  impressed  with  the  level  of  support 
ForcelO  provides.  "We're  a  moderate-size  business," 
he  notes.  "I've  never  had  support  this  excellent." 

Core  Benefits 

With  a  line-rate,  congestion-free  core  switch/router 
in  place,  Tower  Hill  is  assured  of  predictable  perfor¬ 
mance  from  the  network.  As  a  result,  backup  times 
have  been  dramatically  reduced,  ensuring  critical 
applications  are  always  available  during  business  hours 
and  freeing  IT  staff  to  perform  routine  maintenance, 
software  releases  and  other  tasks  in  the  evening  rather 
than  wait  until  weekends.  IT's  management  overhead 
has  also  dropped,  as  the  burden  of  ongoing  network 
monitoring  and  troubleshooting  has  been  eliminated. 

"ForcelO  gave  us  the  ability  to  exonerate  the 
network,"  Hines  says. Tower  Hill  now  has  a  predictable 
network  with  plenty  of  headroom  to  accommodate 
ever  increasing  traffic  loads. 


For  a  FREE  white  paper  on  ForcelO’s  data  center  vision  visit 

www.nww.com/  forcel  0 


Sponsored  by 


Protect  your  corporate  body  from  unknown  attacks. 


When  it  comes  to  protecting  your  network  and  mission-critical 
applications,  Secure  Computing's  all-in-one.  Sidewinder  G2' 
Security  Appliance  gives  you  sure  footing  without  the  pain  of 
unwelcome  surprises.  Inside  the  Sidewinder  G2  resides  the 
strongest  application-layer  firewall  in  the  world— a  firewall 
that  has  never  been  compromised.  Other  proactive  defenses 
include  best-of-breed  protection  against  viruses,  spyware, 
spam,  threatening  Web  content,  and  much  more. 


[  SIDEWINDER  G, 

9 SECURITY  APPLIANCE 


Firewall/Security  Appliance 
Sidewinder  G2®  Security  Appliance 

Strong  Authentication 

SafeWord® 


To  learn  how  you  can  protect  yourself  against  these  threats 
visit  www.securecomputing. com/goto/spyware. 


Web  Filtering 
SmartFilter® 


COMMON  CRITERIA 

EAUt  CERTIFIED 


Securing  the  connections  between  people,  applications,  and  networks 

All  trademarks  used  herein  belong  to  their  respective  owners. 


www.securecomputing.com 
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Microsoft,  others  eye  supercomputing 


BY  NETWORK  WORLD 

AND  IDG  NEWS  SERVICE  STAFF 

Increased  processing  power  coupled 
with  lower-cost  hardware  is  making  super¬ 
computing  a  more  viable  platform  for  cor¬ 
porate  buyers  running  data-intensive  busi¬ 
ness  applications. 

That  was  a  major  theme  at  the  18th  annu¬ 
al  Supercomputing  conference  held  last 
week  at  the  Washington  State  Convention 
and  Trade  Center  in  Seattle  as  vendors  com¬ 
bined  forces  in  an  effort  to  spread  super¬ 
computing  beyond  its  academic  and 
research  roots.  Leading  the  charge  was 
Microsoft,  which  has  had  a  presence  at  the 
high-performance  computing  conference 


■  Intel  last  week  announced  that  its 

Vanderpool  virtualization  tech¬ 


nology  is  available  for  desktops. 

With  virtualization,  customers  can 
run  management  or  security  ser¬ 
vices  in  a  virtual  machine  without 
interrupting  end-user  applications 
running  on  the  same  system.  The 
technology  is  available  in  Pentium  4 
processor-based  PCs  offered  by 
Acer  and  Lenovo,  among  other  ven¬ 
dors.  Intel  recently  began  shipping 
Xeon  MP  processors  with  hardware- 
enabled  support  for  Intel 
Virtualization  Technology  on  servers. 
Intel  is  expected  to  start  shipping  vir¬ 
tualization  technology  on  Itanium 
processors  by  mid-2006. 

■  Dot  Hill,  which  supplies  disk 
drives  to  Sun  Microsystems  and 
white-box  storage  companies,  has 
announced  the  SANnet  II  U320 
storage  system.  The  product 
offers  twice  the  performance  of  an 
earlier  system  dubbed  the  SCSI-160 
but  costs  the  same.  The  new  offer¬ 
ing,  which  is  backward-compatible 
with  the  SCSI-160,  supports  data 
rates  as  high  as  320M  bytes  per  sec¬ 
ond.  The  system  will  come  in  3.6T-  to 
10.8T-byte  capacities  and  is  expected 
to  be  available  later  this  fall. 


since  2003,  but  stepped  up  its  profile  this 
year  with  a  keynote  address  by  Bill  Gates. 

In  addition,  the  software  giant  used  the 
conference  as  a  launch  pad  for  its  formal 
entry  into  the  market  dominated  by  Linux. 

“The  [big]  message  is  that  Microsoft  is 
entering  scientific  computing,  technical 
computing,  and  we  will  bring  all  the  atten¬ 
tion  and  commitment  that  we  have  given  to 
business  and  consumer  computing  in  the 
past  to  this  new  area  where  computation  is 
poised  to  make  a  significant  impact,”  said 
Kyril  Faenov,  directory  of  high-performance 
computing  at  Microsoft. 

As  part  of  that  commitment,  Microsoft  is 
readying  an  operating  system  tuned  for 
high-performance  computing:  Windows 
Compute  Cluster  Server  2003. The  software 
is  in  its  second  beta  release  and  should  be 
generally  available  in  the  first  half  of  next 
year,  the  company  said. 

Microsoft  also  said  it  has  set  up  10  high- 
performance  computing  institutes  in  uni¬ 


versities  around  the  world  to  support 
research  and  drive  the  company’s  efforts  to 
meet  the  software  demand  for  computing¬ 
intensive  environments. 

At  the  same  time,  vendors  such  as  HP 
and  InfiniBand  switch-maker  Voltaire  an¬ 
nounced  support  for  Microsoft’s  cluster 
efforts.  Platform  Computing,  which  makes 
resource-management  and  orchestration 
software  for  high-performance  computing 
clusters,  said  it  was  partnering  with 
Microsoft  to  integrate  its  work  scheduling 
Platform  LSF  software  into  Windows  Com¬ 
pute  Cluster  Server  2003. 

Industry  experts  note  that  Microsoft  has  a 
tough  battle  ahead  as  it  tries  to  break  into  a 
market  that  has  been  dominated  by  more 
specialized,  higher-end  software  and  sys¬ 
tems,  such  as  IBM’s  Blue  Gene,  a  commer¬ 
cial  version  of  the  supercomputer  ranked 
as  the  fastest  in  the  world. 

Platform  Computing  also  announced  an 
expanded  relationship  with  IBM  to  inte¬ 


grate  Platform  LSF  into  Blue  Gene. 

“This  is  the  very  high  end  of  supercom¬ 
puting  vs.  the  Cluster  Compute  Server 
from  Microsoft  for  the  entry  level,”  says 
Songian  Zhou,  Platform  Computing’s  CEO. 
“These  are  the  bookends  of  the  entire 
technology  spectrum  of  the  [high-perfor¬ 
mance  computing]  market,  and  this  gen¬ 
eral  trend  [of  integrating  the  management 
of  HPC  resources]  is  expanding  into  the 
data  center  for  enterprise  IT’ 
Supercomputers  are  appearing  in  enter¬ 
prise  data  centers  as  the  technology  moves 
away  from  specialized,  proprietary  systems 
to  clusters  of  low-end  machines  based  on 
standard  processors  from  Advanced  Micro 
Devices  (AMD)  and  Intel  running  Linux, 
industry  observers  say 
Even  supercomputing  giant  Cray  is  mov¬ 
ing  to  a  standard  platform,  announcing  at 
the  Supercomputing  conference  that  it  was 
extending  its  partnership  with  AMD  and 
See  Supercomputing,  page  30 


ApplQ  founder  sold  on  HP 


HP  acquired  storage-management 
software  vendor  ApplQ  last  month 
and  named  company  founder  Ash 
Ashutosh  CTO  for  HP’s  storage  soft¬ 
ware  group.  Network  World  Senior 
Editor  Deni  Connor  recently  spoke 
with  Ashutosh  about  his  new  job 
and  the  market.  An  edited  transcript 
of  that  conversation  follows. 


Why  exactly  did  HP  acquire  ApplQ?  It  seems  you  were  doing  pretty 
well  on  your  own  -  you  OEM  software  to  Sun,  Hitachi  and  Engenio. 

A  couple  of  reasons  —  HP  wanted  to  gain  dominance  in 
servers,  regain  market  share  in  storage  hardware  and  domi¬ 
nate  the  management-software  business.  If  you  look  at  those 
areas,  ApplQ  had  announced  an  initiative  for  open  manage¬ 
ment  called  OpenlQ,  which  is  middleware  that  lets  you  build 
an  infrastructure-management  system.  HP  saw  good  synergies 
with  that  and  with  the  server-management  software  we  had 
been  working  with  for  a  while. 

Doesn’t  HP  face  competitive  threats  if  it  continues  to  be  the  OEM  for 


ApplQ  software? 

They  do,  but  if  they  truly  want  to  be  a  heterogeneous  storage- 
software  vendor,  they  have  to  have  multiple  distribution  chan¬ 
nels  —  ones  that  are  owned  by  competitors.  HP  is  taking  a 
pragmatic  approach  to  the  market.  We  are  bent  on  winning, 
but  we  also  realize  that  HP  can’t  sell  everything  alone. 

Was  ApplQ  looking  for  a  buyer? 

We  were  not.  As  late  as  July  we  were  meeting  with  bankers 
about  an  IPO  18  to  24  months  out. We  were  doing  well.We 
looked  at  the  opportunity  and  what  the  bankers  said  our  valua¬ 
tion  would  be.  We  realized  not  only  was  HP  a  good  culture  fit 
for  us,  but  also  HP  would  be  a  partner  that  we  could  get  closer 
with.  In  terms  of  an  exit  strategy  for  investors,  it  was  a  win. 

What  are  the  benefits  for  HP  of  the  HP/ApplQ  combination? 

We  see  this  as  a  huge  storage-  and  server-management  part¬ 
nership.  We  are  moving  the  paradigm  away  from  storage  man¬ 
agement,  but  adding  effective  server  management  to  create  an 
adaptive  enterprise.Then  we  will  drag  in  other  products  HP 
has,  like  its  back-up  and  storage  products.  Finally,  it  becomes  a 
centerpiece  of  the  company’s  goal  of  becoming  the  dominant 
management-software  provider. 

See  Ashutosh,  page  30 
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continued  from  page  29 

would  build  its  next-generation 
supercomputers  on  the  Opteron 
platform. Sun  also  used  the  show 
to  unveil  upgraded  Opteron- 
based  Sun  Fire  servers  designed 
for  high-performance  computing 
clusters. 

“More  industries  are  using  high- 
performance  computing  for  their 
data-driven  tasks.  One  reason  is 
that  cluster  computers  have 
become  more  reasonably  priced,” 
said  Kathryn  Kelley,  communica¬ 
tions  chair  for  the  conference. 
“The  hardware,  software  and  algo¬ 
rithms  have  become  easier  to 
use.” 

As  a  result,  the  Supercomputing 
conference  is  getting  a  closer 
look  from  corporate  IT  profes¬ 
sionals,  and  not  just  those  in 
energy,  finance,  manufacturing 
and  pharmaceutical  industries. 

“The  truth  of  it  is,  there  are  par¬ 
allel  problems  that  companies 
like  Google  face  that,  as  I  under- 


Tops  in  teraflops 

IBM’s  BlueGene/L  System, 
for  the  third  straight  time,  has 
topped  the  twice-yearly 
Top500  list  of  the  fastest 
computers  in  the  world.  The 
system,  installed  at  the 
Department  of  Energy's 
Lawrence  Livermore  National 
Laboratories,  was  measured 
with  a  Linpack  benchmark 
performance  of 

280.6  teraflops. 


stand  it,  are  as  challenging  as  the 
scientific  problems  that  we  are 
trying  to  solve  with  high-end  sci¬ 
entific  computing,”  said  Richard 
Loft,  deputy  director  of  the  scien¬ 
tific  computing  division  at  the  Na¬ 
tional  Center  for  Atmospheric 
Research  in  Boulder,  Colo. 

He  said  Gates’  keynote  address 
is  one  example  of  the  expan¬ 
sion  of  supercomputing  beyond 
niche  deployments  into  broader 


enterprise  use.  “Microsoft  has 
been  notable  by  its  absence  in 
the  high-performance  comput¬ 
ing  game,”  he  said. “The  fact  that 
[Gates]  is  giving  a  keynote  sig¬ 
nals  something  of  a  shift.  It  repre¬ 
sents  the  broadening  of  the  defi¬ 
nition  of  high-performance  com¬ 
puting  from  being  simply  about 
scientific  calculations  to  includ¬ 
ing  a  lot  of  large-scale  comput¬ 
ing  associated  with  business.” 

It’s  no  surprise  that  attendance 
at  the  Supercomputing  confer¬ 
ence  is  growing,  Kelley  said.  She 
estimates  the  show  drew  more 
than  9,000  attendees  this  year, 
compared  with  fewer  than  8,000 
last  year.  Nearly  270  exhibitors, 
including  EMC,  HP  and  Microsoft, 
crowded  the  two-level  show  floor. 

“I  personally  think  it’s  healthy  for 
the  scientific  computing  commu¬ 
nity  and  what  you  would  call  the 
large-scale  business-computing 
community  to  swap  ideas,”  Loft 
said.“There  are  likely  to  be  a  lot  of 
ways  we  could  end  up  cross-fertil¬ 
izing  one  another”  ■ 


Ashutosh 

continued  from  page  29 

What  are  the  benefits  of  the  acquisition  to  the  customer,  especially  one  with 
non-ftP  gear? 

Nothing  has  changed. This  continues  to  be  a  company  that  develops 
heterogeneous  management  solutions  that  are  standards-based.and 
that  works  through  partners.  What  has  changed  from  a  customer  per¬ 
spective  is  the  uncertainty  of  what  would  happen  to  AppIQ.  At  least 
now,  if  1  was  a  customer,  I  know  for  sure  that  the  platform  is  going  to 
be  supported  by  HPHP  has  also  added  more  than  200%  new 
resources  to  the  product  to  work  on  issues  AppIQ  had  planned  to  do 
over  the  next  two  years. 

What  is  the  future  of  storage-management  software?  How  is  it  changing? 

At  the  outset,  we  said  that  by  2006  or  2007,  if  someone  is  still  in  the 
business  of  storage  management  alone,  they  are  probably  in  the  wrong 
business.  Enterprises  have  tools  that  can  manage  everything.  AppIQ  has 
started  to  do  this  with  server  and  application  management. 

You  will  start  to  see  tools  such  as  change  management  or  predictive 
fault  management  incorporated  into  storage-management  suites.  In 
our  case,  they  are  coming  as  a  result  of  the  higher-level  integration 
we  are  doing. There  are  a  lot  of  niches  you  can  focus  on  —  HP  is 
focusing  on  one  that  does  performance,  asset,  fault,  change  and 
device  management,  all  of  it  based  on  standards  like  J2EE,SM1-S, 

C1M  or  JBOSS.  We  are  going  to  consolidate  device  management, 
build  a  data-center  management  platform  based  on  OpenlQ,  com¬ 
bine  server  and  storage  management  and,  finally,  [use]  IP  out  of  HP 
Labs  to  perform  information  management.  ■ 


IT  supports  and  controls  the 
applications  that  run  the  business. 

Now  there's  an  application  to  support 
and  control  the  business  of  IT. 

Maximo®  ITSM,  the  most  comprehensive  IT  asset  and  service 
management  solution,  substantially  improves  the  business  of  IT, 
significantly  increasing  the  value  IT  brings  to  an  organization.  By 
unifying  IT  service,  asset  and  work  management  on  a  single 
software  platform,  Maximo  ITSM  delivers  the  control  and  visibility 
you  need  to  align  IT  service  levels  with  your  overall  business  goals. 
All  you  need  to  integrate  and  automate  processes,  reduce  unplanned 
outages,  standardize  and  share  information  and  surpass  service-level 
commitments.  To  make  your  IT  organization  more  efficient  and 
more  valuable,  download  our  whitepaper  at  www.maximoit.com/nw 
or  call  800-326-5765. 

i\l  COUNTED  CONTROLLED  MAXIMIZED 


mro  software 


*  200$.  MR( >  Software,  Inc.  All  rights  reserved.  Maximo  is  a  registered 
trademark  and  NIRO  Software  is  a  trademark  of  MRO  Software,  Inc. 


make  it  all  count 


'  ■ « 


Today,  James  configured  six  critical  servers  in 


six  different  states  -  all  before  lunchtime  in 


With  Avocent  data  center  management  solutions,  the  world  can  finally  revolve  around  you.  Avocent 
DSView"  3  management  software  gives  you  a  secure,  centralized  point  of  control  -  whether  your  server  rooms  are 
across  the  hall  or  across  the  nation.  With  more  than  20  years’  experience,  Avocent  offers  multi-platform,  multi-device  access 
that  fits  seamlessly  into  your  multi-tasking  lifestyle.  You  can  manage  critical  servers,  networks  and  more,  all  from  a  single 
interface.  And  you  can  do  it  from  any  location.  Avocent  helps  you  save  time,  improve  efficiencies  -  and  brag  a  little  too. 


For  one-stop  information  on  improving  data  center  practices,  visit 
www.avocent.com/kvmbpg 


Avocent,  the  Avocent  logo,  The  Power  of  Being  There  and  DSView  are  registered  trademarks  of  Avocent  Corporation.  All  other  trademarks  or  company 
names  are  trademarks  or  registered  trademarks  of  their  respective  companies. 


73%  of  the  FORTUNE  100®  and  76% 
of  the  European  100  compared  business 
collaboration  providers  and  came  to 
a  single  conclusion. 


Obviously,  great 
minds  think  alike. 


Many  of  the  world's  most  successful  organizations  rely  upon  Sterling  Commerce  to  automate  their  business 
processes,  so  they  can  exchange  critical  information  with  their  trading  partners,  subsidiaries  and  customers. 
Reliably.  Securely.  And  regardless  of  the  application  being  used.  Sterling  Commerce  delivers  the  first  platform  to 
meet  all  the  complex  challenges  of  real-world  multi-enterprise  collaboration.  Find  out  what  so  many  companies 
already  know.  Speak  to  a  Sterling  Commerce  representative  today.  Or  visit  www.sterlingcommerce.com 

BUSINESS  APPLICATIONS  /  BUSINESS  INTEGRATION  BUSINESS  INTELLIGENCE  /  BUSINESS  PROCESS  MANAGEMENT  /  SOLUTION  DELIVERY 


sterling  commerce 


©2005  Sterling  Commerce,  Inc.  ALL  RIGHTS  RESERVED.  Sterling  Commerce  and  the  Sterling  Commerce  logo  are  trademarks  of  Sterling  Commerce,  Inc.  Sterling  Commerce  is  an  SBC  Communications,  Inc. 
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SAP  GEO  faces  many  challenges 


Business-applications  vendor  SAP 
faces  plenty  of  challenges  these 
days.  Competition  from  rival  Oracle 
is  intensifying,  especially  after 
Oracle’s  acquisition  of  PeopleSoft; 
partner  Microsoft  is  expanding  into 
business  analytics,  an  area  in 
which  SAP  also  aims  to  be  a  major 
player.  In  addition,  new  open  source  offerings  are 
emerging  in  the  area  of  CRM,  while  hosting  compa¬ 
nies,  such  as  Salesforce.com,  continue  to  make 
inroads.  The  list  of  challenges  facing  SAP  CEO  Henning 
Kagermann  appears  endless.  Despite  his  heavy  work¬ 
load,  however,  the  friendly,  straight-talking  executive 
found  time  to  discuss  these  challenges  with  John  Blau 
of  the  IDG  News  Service. 

How  has  the  Oracle  buying  spree  affected  you  so  far?  Are  cus¬ 
tomers  who  use  the  Oracle  stack  to  run  their  SAP  applications  in 
jeopardy  of  being  caught  in  a  competitive  crossfire? 

Our  customers  have  no  disadvantages.  We  will  continue  to 


support  products  from  competitors  as  we  have  done  in  the 
past. We  are  professional  enough  to  handle  co-opetition,a 
situation  we  have  not  only  with  Oracle.  In  applications, 
we’re  strong  competitors  but,  on  the  other  hand,  our  soft¬ 
ware  runs  well  on  Oracle  databases. 

And  the  impact  of  Oracle's  acquisitions? 

The  acquisitions  were  forced  by  market  changes.  Over  the 
past  four  years,  we  gained  market  share  and  created  a  bigger 
distance  to  Oracle.  So  Oracle  bought  some  market  share  to 
reduce  this  distance.  As  a  result,  they  now  try  to  compete  on 
price. 

You  held  merger  talks  with  Microsoft,  but  these  amounted  to  noth¬ 
ing.  Are  there  ways  for  you  to  cooperate  over  and  above  your  new 
joint  product  Mendocino? 

Nothing  has  changed.  We  have  a  good  working  relationship 
with  Microsoft  —  Mendocino  being  a  prime  example  —  but 
there  are  others,  such  as  improving  the  interconnectivity  of 
.Net  and  NetWeaver.We  have  a  relationship  that  works  well, 
and  we  have  no  intent  to  change  it. 

How  serious  is  the  threat  of  hosted  services?  And  are  you  still 

See  Kagermann,  page  34 


MgmL  vendor  targets  shared  folders 


Short  Takes 


■  ANTs  Software  has  released  an 
update  to  its  high-speed  ANTs  Data 
Server  relational  database  that 
makes  it  compatible  with  databases  from 
MySQL  AB  and  IBM's  Informix  division; 
companies  can  now  move  applications 
written  for  those  databases  to  ADS  rela¬ 
tively  easily  and  with  little  recoding.  ADS 
Version  3.4  also  is  compatible  with 
Oracle's  lOg  and  Times  Ten  databases, 
Microsoft's  SQL  Server  and  Sybase's 
Adaptive  Server  Enterprise.  ANTs  says  it 
hopes  the  new  version  will  attract 
MySQL  customers.  Oracle  recently 
acquired  Innobase  OY,  an  open  source 
company  that  develops  a  popular  compo¬ 
nent  of  the  MySQL  database.  ANTs 
claims  to  offer  a  significant  perfor¬ 
mance  boost  compared  to  the  leading 
databases,  particularly  when  handling 
heavy  transaction  loads,  complex  analyti¬ 
cal  queries  or  a  large  number  of  active 
connections.  Pricing  for  ADS  Version  3.4 
is  unchanged  at  $25,000  per  processor 
for  the  enterprise  edition.  The  company 
offers  a  special  deal  for  MySQL  cus¬ 
tomers,  who  can  switch  to  ADS  for  a  lim¬ 
ited  time  for  half  of  their  annual  MySQL 
invoice. 

■  Ping  Identity  last  week  released  an 
update  to  its  identity-federation  server. 
Ping  Federate  3.0  includes  support  for 
Version  2.0  of  the  Security  Assertion 
Markup  Language  standard,  which  was 
approved  in  March  by  the  Organization 
for  the  Advancement  of  Structured 
Information  Standards.  The  server  also 
includes  a  new  use-case  configuration 
engine  and  can  be  deployed  as  a  stand¬ 
alone  network  service.  Identity  federa¬ 
tion  allows  corporations  to  share  user 
authentication  across  security  bound¬ 
aries.  Ping  is  pushing  SAML  2.0  as  the 
convergence  point  for  standards-based, 
interoperable  identity  federation. 
Currently  there  are  a  number  of  identity- 
federation  protocols  that  do  not  com¬ 
pletely  interoperate,  including  SAML  1.1 
and  1.2  and  the  Liberty  Alliance  specifi¬ 
cations  1.1  and  1.2.  Ping  Federate  3.0  is 
available  now  for  download.  The  first 
100,000  transactions  on  the  server  are 
free.  Users  will  pay  a  yearly  subscription 
fee  for  further  use:  $10,000  per  year  for  1 
million  transactions  or  $30,000  per  year 
for  unlimited  transactions,  including  sup¬ 
port  and  maintenance. 


BY  JOHN  FONTANA 

Management  vendor  Desktop  Standard  is 
adding  to  its  FblicyMaker  software  lineup  a 
new  Share  Manager  package  that  provides 
users  with  tools  for  centrally  managing 
shared  folders  on  servers  and  desktops. 

Centralized  management  ensures  that 
shared  folders  are  kept  under  control  and 
don’t  grow  to  become  a  security  risk. 
Share  Manager  is  an  extension  to  the 
group-policy  management  features  of 
Microsoft’s  Active  Director  Group  policy, 
which  is  supported  on  Windows  2000,  XP 
and  Windows  Server  2003,  lets  administra¬ 
tors  manage,  customize  and  lock  down 
desktop  and  server  settings  based  on  a  set 
of  policies  maintained  in  the  directory. 

“With  [Share  Manager]  I  keep  the  share 
naming  conventions,  the  access  control 
lists  and  everything  associated  with  that 
network  resource  consistent,”  says  Alex 
Diaz,  enterprise  development  manager  for 
Katten  Muchin  Rosenman,  a  Chicago  law 
firm.  Diaz  says  group  policy  means  he  is  in 


control:  “I  want  to  make  sure  only  certain 
people  have  access  to  certain  shares.  On 
the  back-office  servers,  we  try  to  enforce 
hidden  shares,  so  you  can’t  scan  the  net¬ 
work  and  attach  to  resources.  By  securing 
the  shares,  that  narrows  the  risk.” 

He  says  he  also  uses  the  software  as  a 
disaster-recovery  tool.“If  I  have  to  rebuild  a 
server  or  replace  hardware,  I  don’t  have  to 
rely  on  a  technician  to  create  all  the 
shares  again,”  he  says. 

Desktop  Standard  has  integrated  Share 
Manager  with  Microsoft’s  Access-Based 
Enumeration  (ABE)  technology,  which 
was  introduced  in  Windows  Server  2003. 
ABE  lets  administrators  make  folders  visi¬ 
ble  only  to  those  who  are  authorized  to 
see  them,  a  feature  that  has  been  a  staple 
of  Novell’s  NetWare  for  years.  With  Share 
Manager,  users  can  set  ABE  policy  on  file 
shares. 

In  addition  to  ABE,  the  main  features  of 
Share  Manager  are  its  create,  modify  and 
delete  controls  and  its  set  of  25  filters  used 


to  target  share  settings  at  specific  PCs. 
Among  the  create,  modify  and  delete  con¬ 
trols  is  one  that  eliminates  specific  shares, 
managed  or  unmanaged,  whether  visible 
or  hidden  from  users.  The  filters  target  a 
PC’s  share  settings  based  on  its  hardware 
features,  such  as  CPU  speed  and  disk 
space,  or  its  software  features,  such  as 
operating  system,  physical  address  or  site 
domain.  For  example,  administrators  can 
configure  filters  to  remove  all  unautho¬ 
rized  shared  folders  on  user  desktops. 

The  release  of  Share  Manager  comes  a 
week  after  Desktop  Standard  released  the 
latest  version  of  its  FblicyMaker  Software 
Update,  a  patch-management  system  built 
on  group  policy.  Software  Update  2.0 
includes  support  for  Microsoft’s  SQL 
Server  Reporting  Services,  and  it  uses  the 
same  patch  detection  as  Microsoft’s  patch 
tool,  Windows  Server  Update  Services. 

Software  Update  is  priced  at  $  1 1  per  seat 
Share  Manager  is  priced  at  $10.50  per 
managed  desktop  or  server.  ■ 
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A  telecom-regulation  pipe  dream 


NET  INSIDER 

Scott  Bradner 


There  is  a  new  version  out  of 
the  draft  telecom  reform  bill 
(www.networkworld.com,  Doc- 
Finder:9825)  that  1  wrote  about  a 
while  back  (DocFinder:  9826), 
and  from  its  rough  start,  it’s  head¬ 
ing  in  a  worse  direction. 

The  committee  staff  seems  to 
be  drinking  the  same  Kool-Aid 
mixed  by  the  big  telecom  carri¬ 
ers  that  the  FCC  has  swallowed. 
The  Kool-Aid  causes  drinkers  to 
hallucinate  that  big  telecoms’ 
plans  for  closed,  vertically  inte¬ 
grated,  everybody-has-to-pay-the- 
carrier-for-everything  silos  are 
better  for  customers  and  the 


country  than  the  open  Internet 
has  proved  to  be.  To  see  what  big 
telecom  is  thinking,  read  SBC 
Chairman  Edward  Whitacre  Jr.’s 
interview  with  BusinessWeek 
magazine  about  how  Google  and 
other  Internet  services  use  “for 
free”  the  Internet  connections 
SBC’s  customers  already  pay  for 
(DocFinder:  9627). 

The  House  bill  and  the  FCC 
use  good-sounding  words  about 
network  neutrality  but  then  evis¬ 
cerate  the  same  words  with  pro¬ 
carrier  caveats. 

I  expect  that  it  would  be  possi¬ 
ble  to  design  a  telecom  regulato¬ 
ry  regime  that  would  actually  be 
good  for  the  users  and  the  coun¬ 
try  but  1  doubt  we  will  see  any 
such  thing  out  of  Washington. 
That  is,  unless  Google’s  lobbyists 
learn  a  lot  —  and  quickly  —  by 
watching  the  well-connected 
RBOC  lobbyists. 


Just  what  might  good  telecom 
regulation  include?  What  would 
1  do  if  it  were  up  to  me?  First,  as 
the  House  bill  does,  I’d  preempt 
all  local  and  state  controls,  but  I 
would  go  further  and  also  elim¬ 
inate  all  local  franchise  fees. 
Then  I’d  split  the  problem  into 
two  spaces:  facilities  owners 
and  service  providers.  I  would 
not  differentiate  between  the 
types  of  facilities,  or  pipes,  as 
the  House  bill  does.  In  the  IP 
age,  pipes  are  pipes,  not  video 
pipes  or  phone  pipes. 

Under  my  regulations  a  pipe 
owner  could  keep  the  facility  to 
itself  and  offer  its  own  phone, 
Internet  or  video  service  —  there 
would  be  no  forced  open  access 
to  facilities.  Or  it  could  allow  In¬ 
ternet  access,  on  whatever  equal 
terms  it  chose,  to  anyone  who 
wanted  to  provide  an  Internet- 
based  service.lt  could  not,  howev¬ 


er,  concurrently  offer  Internet  ac¬ 
cess  and  any  other  Internet-based 
service.  Pipe  owners  also  would 
have  reasonable  access  to  con¬ 
duits  and  poles. 

“Internet  service”  is  just  that  — 
unimpeded  and  unrestricted  ac¬ 
cess  to  the  Internet  and  Internet- 
based  offerings.  An  ISP  would  be 
prohibited  from  interfering  in 
any  way  with  traffic  to  or  from  a 
customer  except  at  the  express 
request  of  that  customer,  or  from 
favoring  one  service  provider 
over  another.  For  example,  a  cus¬ 
tomer  could  order  an  ISP-provid¬ 
ed  and  -run  firewall  if  it  so 
desired.  ISPs,  but  not  providers  of 
Internet-based  services,  would 
have  to  obey  court-ordered 
requests  for  wiretapping  from 
law  enforcement.  End-to-end 
encryption  might  make  the  wire¬ 
taps  less  useful  than  they  might 
be,  but  so  it  goes. 


I  assume  that  video  and  VoIP  ser¬ 
vices  will  become  just  Internet- 
based  offerings  without  any  need 
to  establish  special  rules  for  them. 
E91  l-like  location  services  would 
have  to  be  enabled  by  ISPs  for  all 
service  providers  using  the  ISP 
including  VoIP  providers. 

Obviously  these  rules  would  not 
make  Whitacre  very  happy,  be¬ 
cause  he  could  not  squeeze  extra 
money  from  Internet-based  ser¬ 
vices  just  to  have  him  leave  them 
alone.  But  leave  them  alone  he 
must. 

Disclaimer:  Harvard  has  schools 
that  train  people  to  actually  create 
regulations.  Clearly  I  did  not  ask 
them  for  help  in  the  above,  so  it’s 
my  own  opinion. 

Bradner  is  a  consultant  with 
Harvard  University's  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com 


Kagermann 

continued  from  page  33 

planning  to  launch  the  hosted  service 
announced  earlier  this  year? 

We  said  in  June  that  some  announce¬ 
ments  will  come,  and  this  is  still  true. 
Today,  we  already  offer  hosted  services 
after  having  started  more  than  a  year  ago 
to  partner  with  hosting  companies. 

What  portion  of  revenue  do  these  services  gen¬ 
erate? 

I  would  say  less  than  5%.  Most  cus¬ 
tomers  still  prefer  to  buy  a  license  and 
give  it  to  their  hosting  company 

But  what  about  the  new  service?  What  is  it? 

We  will  be  offering  a  service  that  will 
help  customers  deploy  certain  functions 
of  our  software  products  much  faster. This 
is  similar  to  what  Salesforce.com  does. 
The  real  benefit  of  Salesforce  is  not  the 
hosting  opportunity,  but  rather  the  fact 
that  the  company  has  selected  some 
functionalities  that  it  can  deploy  very  fast. 
This  is  what  we’re  planning. 

Will  customers  be  able  to  run  SAP  on  virtual 
environments? 

Virtualization  is  about  separating  the 
underlying  hardware  infrastructure  so 
users  can  switch  resources  dynamically. 
Initially,  we  offered  it  as  a  separate  capa¬ 
bility,  with  Fujitsu  Siemens  as  a  develop¬ 
ment  partner. Then  we  extended  the  offer¬ 
ing  for  other  key  players  in  the  market 
and  their  hardware.  Finally,  we  decided  to 
make  it  a  standard  feature  of  NetWeaver 


because  this  is  our  platform  for  running 
all  applications. 

SAP  is  expanding  its  business-intelligence 
functions  in  NetWeaver.  How  does  this  impact 
your  partnership  with  Business  Objects  and 
others? 

This  is  another  example  of  co-opetition. 
We  have  extended  our  analytics  capabili¬ 
ties  with  SAP  Analytics.  We  have  made  it 
very  clear  to  the  market  that  embedded 
analytics  is  the  future  and  that  analytic 
capabilities  are  part  of  end-to-end  busi¬ 
ness  processes.  On  the  other  hand,  there 
are  specialists,  such  as  Business  Objects, 
who  are  interested  in  working  closer  with 
SAP  because  we  have  joint  clients.  We’re 
not  fighting  them  in  this  area.  Although 
we  will  continue  to  bring  more  and  more 
of  our  own  analytics  to  the  market,  we  are 
committed  to  openness  and  not  closing 
our  products  to  others. 

And  what  about  Microsoft's  recent  move  into 
this  area?  Is  there  reason  to  be  concerned? 

This  isn’t  a  surprise. We  treat  Microsoft 
like  any  other  partner.  In  fact,  I  see  a  good 
opportunity  for  us  to  embed  some  analyt¬ 
ic  capabilities  in  our  Mendocino  joint 
offering.  Analytics  is  just  another  area 
where  we  have  some  overlap  with 
Microsoft,  but  it’s  not  an  area  that  will 
stop  us  from  continuing  to  cooperate. 

How  about  Enterprise  Systems  Architecture 
(ESA)  adoption? 

It’s  very  good.  We  have  a  target  this  year; 
we  expect  to  have  road  maps  with  be¬ 
tween  200  and  300  customers  by  the  end 


of  the  year.  When  I  talk  about  road  maps,  I 
mean  workshops  where  we  discuss  with 
customers  their  future  business  and  IT 
strategy  and  define  jointly  an  architectural 
blueprint  and  road  map.  Some  customers 
start  their  deployments  immediately 
Others  wait  a  couple  of  years.  But  our  tar¬ 
get  is  to  get  the  message  to  customers  that 
they  need  a  road  map  and  that  we  are  the 
right  partner  to  help  them. 

If  you're  so  ESA-based,  where  does  value-add 
come  in?  Where's  the  competitive  different¬ 
iation? 

If  you  compare  SAP  with  others  from  a 
competitive,  differentiation  perspective, 
the  most  important  differentiator  is  our 
broad  experience  in  the  area  of  applica¬ 
tions.  We  are  the  leader  in  nearly  all 
industries  and  have  a  very  broad  foot¬ 
print  with  key  companies  in  the  world.  We 
know  how  they  do  business  today  and 
have  a  good  idea  of  how  their  business 
will  look  in  the  future.This  knowledge  is 
important  for  us  to  design  and  implement 
services  in  the  right  way.  In  addition,  we 
are  running  the  most  advanced  and 
demanding  implementations  in  the 
world.  We  know  how  to  provide  services 
that  perform  and  scale.These  are  some  of 
our  unique  differentiators. 

Some  vendors  including  IBM  have  announced 
an  Enterprise  Service  Bus  for  managing  multi¬ 
ple  services  in  a  service-oriented  architecture. 
How  about  you? 

To  some  extent,  we  already  do  because 
we  have  NetWeaver  as  a  bus.  We  can  sup¬ 
port  the  integration  of  non-SAP  services 


and  products  with  ours.  So  our  customers 
have  choices.  If  they  want  a  second  plat¬ 
form  and  want  to  connect  the  two,  they 
can.  And  if  they  want  to  integrate  non- 
SAP  applications  using  the  integration 
capabilities  of  our  platform,  they  can  do 
that,  too. 

How  are  you  dealing  with  new  open  source 
players  such  as  SugarCRM,  which  offer  low- 
cost  software  to  smaller  companies? 

I  don’t  believe  business  applications  are 
a  field  for  open  source.  Why  do  I  say  this? 
The  Linux  operating  system  is  one  thing. 
It’s  well  defined  and  developed  by  a  com¬ 
munity  used  to  programming. 
Applications  are  another  story,  particular¬ 
ly  business  applications.  Designing  appli¬ 
cations  to  run  business  processes 
requires  very  strong  governance.  And  I 
have  my  doubts  if  a  community  can 
achieve  this.You  need  strong  guidance 
and  expertise  to  convince  customers  that 
the  way  you  design  business  applications 
is  the  right  way  for  the  future. 

How  is  your  small  and  midsize  business  offer¬ 
ing  developing? 

We  are  growing  faster  in  this  segment 
than  in  the  others.That’s  good  news. 
Hosting  is  definitely  one  direction,  but 
what  the  market  really  needs  is  a  pre¬ 
integrated,  predefined  software  stack. 
We're  doing  exactly  this.  Instead  of  giving 
customers  the  entire  flexibility  and 
choice,  we’re  offering  a  few  preintegrat¬ 
ed  and  predefined  solutions.  It’s  simpler 
and  cheaper. That’s  what  these  customers 
want.B 
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Legendary  Reliability' 


ISXT280HD8R  8  uptolOkW  $399,999*  $1 2,999** 

High  density  upgrades  start  at  $1 0,999 
On-site  power  generation  options  start  at  s29,999 


Now  you  can  quickly  deploy  a 
standard-  or  high-density  site  of  any  size 
with  scalable,  top-tier  availability. 


Part 

Number 

Usable 

IT  Racks 

Average 
kW  per  Rack 

Price  Price  to  lease 

to  buy  (36  installments) 

ISXCR1SY16K16P5 

1 

up  to  5kW 

$14,999*  $499** 

ISXT240MD6R 

6 

up  to  5kW 

$149,999*  $4,999** 

ISXT240MD11R 

11 

up  to  5kW 

*249,999*  *7,999** 

ISXT280MD40R 

40 

up  to  5kW 

$699,999*  $21,999** 

ISXT2800MD10QR 

100 

up  to  5kW 

$1,649,999*  $50,999** 

High  Density  Configuration  (shown  above) 

All  multi-rack  configurations  feature: 

N+l  power  and  cooling 
%/  Secure,  self-contained  environment 
•/  Peak  capacity  of  20kW  per  rack 
%/  Enhanced  service  package 
•/  Integrated  management  software 


lnfraStru/\ure 


DATA  CENTERS  ON  DEMAND 


5Cu 


Highly  available  and  manageable, 
quick-to-install,  scalable  architecture 
that  easily  supports  both  standard- 
and  high-density  applications, 

-  Up  to  20kW  a  rack  for  any 
blade  server  application 

-  Unlimited  racks 

-  Ships  in  5  days*** 

-  Installs  in  1  day*** 

-  Optional  on-site  power 
generation 


InfraStruXure™  Manager 


Chamber  Doors 

Access  to  hot  aisle, 
locks  for  security 


APC  solutions  that  carry 
the  "Blade-Ready"  Logo 
are  designed  to  handle  the 
demanding  network-critical 
physical  infrastructure 
requirements  of  high-density 
blade  server  applications. 


<«/ 

BLADE 

READY' 


Order  your  solution  today.  Call  888-289-APCC  x3552. 


Visit  today  and  receive  FREE  APC  White  Papers 

Visit  us  online  and  download  APC  White  Papers. 


Don't  see  the  configuration  you  need? 


-  Haised  floor  not  required 

-  Vendor  neutral  guaranteed 
compatibility 


InfraStruXure ™  can  be  purchased  as 


a  modular,  or  mobile  system 


InfraStruXure  BuildOut  Tool 


Try  APC's  online  InfraStruXure  BuildOut  Tool  today  and  build  your  own  solution. 

Go  to  http://promo.apc.com  and  enter  key  code  g840x  Call  888-289-APCC  x3552  Legendary  Reliability® 


'  Prices  do  not  include  IT  equipment  and  are  subject  to  change.  **  Indicative  rates  are  subject  to  market  conditions.  *"  Install  and  delivery  times  may  vary. 


©2005  American  Power  Conversion  Corporation.  All  trademarks  are  the  property  of  their  owners.  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  ISX4D4EFUSC 


The  point  of  business  is  cost-effectively  connecting  enterprise  resources  to  better  serve  your  customers.  With  a  wholly  owned,  end-to-end 

network — backed  by  a  team  of  consultants  working  with  you  to  develop  the  optimal  solution  for  your  environment — Time  Warner  Cable  delivers 

\  •  \0!i  i  % 

reliable  business  communications.  Add  to  that,  standard  and  customized  SLAs,  along  with  a  full  suite  of  data,  video,  and  security  solutions — 

including  Metro  Ethernet,  Teleworker  Solutions,  Branch  Office  Connectivity — and  you  have  a  scalable  infrastructure  for  sharing  information, 
reducing  costs  and  realizing  the  value  on  your  IT  investment.  That's  the  point  of  business. 


TIME  WARNER 


Highest  Customer  Satisfaction  With  Business  Broadband  Data  Service  Providers' 


J.D.  Power  and  Associates  2005  Major  Provider  Business  Telecommunications  Services  Study 
Broadband  Data  segment  includes  services  such  as  DSL,  cable  modem,  ISDN,  T - 1,  ethernet  and 
videoconferencing  services  Study  conducted  among  5,178  businesses  with  2-500 *  employees  that 
subscribe  to  niaior  providers  in  the  broadband  business  telecommunications  market,  www.jdpower.com 


RoadRunner 

Business  Class 

Experience  Broadband 
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SERVICE  PROVIDERS 

■  THE  INTERNET  BVPNS  INTEREXCHANGES  AND  LOCAL  CARRIERS  Cl  WIRELESS  ■  REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE 


Google  goes  to  Washington 


I’ve  written  several  columns  recently  on 
the  need  for  service  providers  to  work 
together  to  create  a  framework  for  peering 
agreements  that  ensures  the  effective  and 
profitable  handoff  of  QoS-enabled  traffic. 
The  urgency  just  went  up  a  notch:  Carriers 
had  better  plan  to  tackle  this  issue  soon,  or 
look  for  Google  and  its  peers  to  lobby  the 
government  to  force  them  to  do  it. 

Last  month  Google  announced  that  it’s 
opening  an  office  in  Washington  to  lobby 
for,  among  other  things,  “broadband 
access  and  Internet  standard-setting.” 

Google  didn’t  say  so  directly,  but  you  can 
bet  it’s  gotten  just  a  teensy  bit  annoyed  by 
the  way  peering  spats  between  providers 
such  as  Level  3  Communications  and 
Cogent  Communications  can  shut  down 
Internet  access  for  users,  as  happened  a 
few  weeks  ago.  As  noted  in  previous  col¬ 
umns,  Google  (along  with  Amazon.com, 
eBay  and  the  online  gaming  community) 
have  the  most  to  lose  if  the  Internet  does- 


Short  Takes 


■  Once  their  merger  is  complete, 
AT&T  will  be  led  mostly  by  longtime 
SBC  executives,  according  to  a  man¬ 
agement  lineup  announced  recently. 
SBC  Chairman  and  CEO  Ed  Whitacre 
will  keep  those  titles  following 
approval  of  SBC's  $16  billion  deal  with 
AT&T,  which  may  be  completed  this 
month.  The  merger  transition  will  be 
led  by  James  Callaway,  who  has  held 
the  title  of  group  president  of  AT &T 
integration  since  February.  David 
Dorman,  chairman  and  CEO  of  AT &T, 
will  become  president  of  the  new 
company  and  a  member  of  the  board 
of  directors  for  a  brief  transition  peri¬ 
od  before  resigning.  The  carrier  will 
retain  its  senior  executive  vice  presi¬ 
dent  and  general  counsel,  James  Ellis, 
who  has  been  at  SBC  since  1984. 

SBC  COO  Randall  Stephenson  will 
hold  the  same  position  in  the  merged 
company. 


n’t  deliver  highly  reliable  end-to-end  ser¬ 
vice.  These  companies’  revenues  are  on 
the  line,  so  expect  them  to  take  the  issue  of 
effective  peering  arrangements  very  seri¬ 
ously  —  more  so  than  the  carriers  cur¬ 
rently  do. 

Service  providers  generally  negotiate 
Internet  peering  agreements  on  a  case- 
by-case  basis  —  and  these  agreements 
often  date  back  to  the  days  before  ser¬ 
vice  providers  seriously  considered 
making  money  from  backbone  Internet 
transport.  Back  then,  the  real  money 
came  from  voice  and  enterprise  data 
services. 

In  other  words,  Internet  backbone  ser¬ 
vices  —  and  peering  arrangements  —  did¬ 
n’t  need  to  be  profitable,  because  the  fund¬ 


BY  JIM  DUFFY 

GM  is  developing  an  alternative  to  the 
U.S.  Department  of  Transportation’s  intel¬ 
ligent  vehicle-to-vehicle  collision  and 
congestion  avoidance  communications 
system  that  the  automaker  says  is  less 
expensive  and  more  sophisticated. 

GM’s  V2V  system  is  an  extension  of  the 
car  manufacturer’s  OnStar  vehicle-to-ser- 
vice  center  driver  assistance  communi¬ 
cations  system.  It  uses  the  same  satellite- 
and  cellular-network-based  GPS  technol¬ 
ogy  as  OnStar,  yet  facilitates  vehicle-to- 
vehicle  communications  and  360-degree 
visibility  —  two  features  lacking  in 
OnStar. 

GM  says  V2V  will  be  less  expensive  to 
implement  than  the  government’s  $3  bil¬ 
lion  to  $10  billion  Vehicle  Infrastructure 
Integration  (VII)  network  because  it  uses 
OnStar’s  existing  network  infrastructure.VII 
is  envisioned  as  a  network  of  220,000  IEEE 
802.11a  and  802. lip  wireless  hot  spots  re¬ 
quiring  onboard  antennas  and  trans¬ 
ceivers  in  cars,  and  roadside  units  at  inter¬ 
sections  and  highway  operations  and 
maintenance  facilities  along  interstate 
and  state  highways. 

The  Department  of  Transportation  and 
carmakers  backing  VII  recently  lobbied 
the  telecommunications  industry  to  sup¬ 
port  it  (www.networkworld.com,  Doc 
Finder:  9830). 


ing  came  from  somewhere  else.That’s  why 
all  the  pure-play  ISPs,  such  as  UUNET  and 
MFS,  were  bought  by  providers  such  as 
MCI  and  AT&T  that  offered  a  broader  mix 
of  services:  the  real  profits  came  from  on- 
net  voice  and  data  traffic,  and  carriers 
could  subsidize  unprofitable  ancillary  ser¬ 
vices, such  as  running  Internet  backbones, 
out  of  those  profits. 

Times  have  changed.  Profit  margins  for 
voice  and  traditional  enterprise  data  ser¬ 
vices  are  cratering,  so  relying  on  them  to 
subsidize  anything  is  a  fool’s  game. 
Corporations  are  moving  away  from  those 
services  and  toward  Internet-based  ser¬ 
vices,  which  by  definition  are  multi-carri¬ 
er,  particularly  for  remote  and  branch 
offices. 


Smart,  carefiil  cars 

Features  of  GM's  new  vehicle-to- 

vehicle  communications  service. 

•  Emergency  electronic  brake  light  —  driver 
advised  when  any  vehicle  ahead  brakes  hard. 

•  Slowed/stopped  vehicle  adviser. 

•  Lane  change  and  blind  zone  adviser/warning. 

•  Rear-end  collision  avoidance . 

•  Forward  collision  avoidance  with  auto-brake . 

SOURCE:  GM 

GM  demonstrated  V2V  two  weeks  ago  at 
the  Intelligent  Transportation  Systems 
World  Congress  in  San  Francisco.  Using  an 
antenna,  a  “computer  chip”  and  GPS,  the 
system  is  designed  to  enable  a  vehicle  to 
detect  the  position  and  movement  of 
other  vehicles  up  to  a  quarter-mile  away  in 
a  360-degree  radius. 

V2V  allows  vehicles  to  anticipate  and 
react  to  a  changing  driving  situation,  and 
then  warn  drivers  with  chimes,  visual 
icons  and  seat  vibrations.  If  the  driver 
doesn’t  respond  to  the  alerts,  the  car  can 
bring  itself  to  a  stop  to  avoid  collision,  GM 
says. 

A  V2V-equipped  car  can  alert  the  driver 
to  vehicles  in  blind  spots  with  a  steady 
amber  light  in  the  side  mirror.  If  the  turn 


That  means  service  providers  need  to 
figure  out  how  to  make  a  profit  from  hand¬ 
ing  off  Internet  backbone  traffic  to  their 
peers.  And  not  just  any  traffic:  With  the  rise 
of  multimedia  applications  (voice,  video, 
online  gaming),  they  must  track  not  only 
the  quantity  of  traffic  but  also  the  traffic 
QoS  type  that  they’re  handing  off  to  their 
peers. 

The  bottom  line  is  that  service  providers 
had  better  figure  out  a  profitable  peering 
framework  pretty  darn  quick  —  or  expect 
Washington  to  force  them  to  do  so. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


signal  is  activated,  a  flashing  amber  light 
and  gentle  seat  vibration  on  the  side  can 
notify  the  driver  of  a  potentially  dangerous 
situation,  GM  says. 

The  system  also  can  help  alleviate  pile- 
ups  on  congested  roads  during  rush  hour 
caused  by  a  chain  reaction  rear-end  colli¬ 
sion,  GM  says.  The  trailing  vehicle  warns 
the  driver  first  with  visual  icons  and  seat 
vibrations  on  the  front  and  then  automati¬ 
cally  brakes  if  there  is  danger  of  a  rear-end 
collision  with  the  vehicle  ahead,  the  com¬ 
pany  says. 

V2V  also  can  warn  a  driver  when  vehi¬ 
cles  ahead  are  stopped  or  traveling 
much  slower,  or  when  a  vehicle  ahead 
brakes  hard.  It  also  can  use  rear  lights  to 
warn  the  other  driver  when  the 
approaching  vehicle  is  moving  very 
quickly  and  a  rear-end  collision  is  immi¬ 
nent,  GM  says. 

In  2007,  all  GM  cars  will  be  equipped 
with  OnStar  technology  forV2V  communi¬ 
cations,  the  company  says.  Equipment  will 
also  be  available  to  outfit  older  vehicles 
with  the  technology 

GM  also  is  working  on  V11.V2V  is  another 
option  in  a  line  of  similar  vehicle  intelli¬ 
gence  projects  underway  within  the  auto 
industry  a  company  spokeswoman  says, 
while  acknowledging  that  V2V  is  easier  for 
GM  and  gives  the  manufacturer  a  compet¬ 
itive  advantage.  ■ 


GM  to  roll  out  intelligent  car  alternative 

Says  OnStar-based  V2V  technology  will  be  easier,  less  expensive  than  government’s  VII. 


A  Service  Managing  7  Million  Transactions  a  Day. 

Running  on  Microsoft  SQL  Server  2005. 


Your  potential,  pir 
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How  does  Xerox  Global  Services  manage  millions  of  office  devices  for  its  customers? 
Their  largest  application  runs  on  new  SQL  Server™  2005  64-bit  running  on  Windows 
Server™  2003,  which  provides  99.999%  uptime*  See  how  at  microsoft.com/bigdata 


Microsoft’  f . „/« 

Windows 
Server  System 


tion  in  the  Ui 


Results  not  typical  .Availability  is  dependent  on  many  factors,  including  hardware  and  software  technologies,  mission-critical  op, 
i  Your  potential.  Our  passion."  are  either  trademarks  or  registered  trademarks  of  Microsoft  CorpBri 
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Sun,  Lucent  tout  encrypted  e-mail  service 


BY  TIM  GREENE 

Sun, Lucent  and  Echoworx  are 
banding  together  to  provide  an 
encryption  service  that  can 
save  businesses  from  having  to 
build  their  own  infrastructure  to 


secure  e-mail. 

Called  Sun  Secure  Mail,  the  ser¬ 
vice  will  be  sold  to  ISPs  and  other 
carriers  that  can  sell  it  to  cus¬ 
tomers,  be  it  businesses  or  con¬ 
sumers.  While  ISPs  would  set  the 


retail  price,  Sun  says  it  thinks  that 
could  be  between  $5  and  $10  per 
user  per  month  based  on  what  it 
will  charge  the  ISPs  for  the  whole¬ 
sale  service. 

Sun  hasn’t  named  any  service 


providers  that  are  going  to  buy  it, 
but  it  says  a  U.S.  phone  carrier/ISP 
is  to  announce  on  Nov.  28  a  ser¬ 
vice  based  on  Sun  Secure  Mail. 

USA.net,  an  ISP  for  midsize  busi¬ 
nesses,  says  it  is  evaluating  the  ser¬ 


vice  and  plans  to  offer  an  encrypt¬ 
ed  e-mail  service  next  year.  Sun 
Secure  Mail  could  let  USA.net 
secure  customer  e-mail  without 
having  to  invest  in  its  own  hard¬ 
ware  and  software,  says  David 
Ramon,  president  of  USA.net. 

The  company  three  years  ago 
ran  an  encrypted  e-mail  service 
based  on  hardware  and  software 
it  bought,  but  it  posed  so  many 
problems  that  he  discontinued 
the  service.  Now,  with  heightened 
concerns  about  security,  cus¬ 
tomers  are  again  seeking  such  a 
service,  he  says. 

An  encrypted  e-mail  service 
might  be  attractive  to  businesses 
that  want  e-mail  encryption  but 
lack  the  resources  to  set  up  their 
own,  says  Anne  MacFarland, 
director  of  infrastructure  archi¬ 
tecture  and  solutions  for  Clipper 
Group.  Setting  up  public-key 
infrastructure  for  encryption  is 
complex  and  costly,  and  out¬ 
sourcing  it  can  at  least  keep  the 
annual  costs  predictable  for  bud¬ 
get  purposes.  “Doing  encryption 
yourself  is  something  that  could 
suddenly  create  a  lot  of  workload 
if  something  goes  wrong, and  you 
don’t  know  when  it  will,"  Mac¬ 
Farland  says. 

Hardware  for  the  service  will  be 
based  in  a  Lucent  Worldwide 
Services  network  operations  cen¬ 
ter  in  Broomfield,  Colo.,  and 
Lucent  will  take  care  of  provision¬ 
ing  the  services.  Echoworx  tech¬ 
nology  authenticates  users  and 
encrypts  the  e-mails,  and  Sun  is 
coordinating  the  effort  and  pro¬ 
viding  the  servers  needed  to  sup¬ 
port  the  service. 

Customers  that  have  signed  up 
for  a  retail  subscription  to  Sun 
Secure  Mail  can  go  to  the  carri¬ 
er’s  provisioning  site  and  down¬ 
load  a  software  plug-in  for 
Microsoft’s  Outlook,  Outlook 
Express  or  BlackBerry  e-mail. The 
plug-in  creates  a  “secure”  button 
next  to  the  “send”  button  in  the  e- 
mail  application.  Clicking  it 
encrypts  the  e-mail. 

If  it  is  sent  to  someone  who  also 
subscribes  to  Sun  Secure  Mail,  it 
goes  directly  to  them  and  their 
machine  decrypts  it.  If  not,  the 
recipient  gets  an  e-mail  telling 
him  to  pick  up  the  e-mail  at  a  Sun 
Secure  Mail  site,  where  he  pro¬ 
vides  a  pre-shared  secret,  such  as 
his  mother’s  maiden  name.  He 
can  then  open  the  e-mail  on  his 
Web  browser.  ■ 
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When  It  Comes  to  True  Innovation, 
There  1$  Only  One  Fish  in  the  Pond 


Introducing  the  Belden  IBDN™  System  10GX. 
Clearly  the  most  innovative  UTP  structured 
cabling  solution  in  the  marketplace. 

Sometimes  you  have  to  take  a  big  leap  in  your  thinking  to  get  to 
something  that’s  truly  new  —  and  truly  great.  That’s  what  we’ve 
done  with  our  10GX  Solution. 

Our  10GX  Solution  isn't  an  improved  or  boosted  Category  6  system, 
but  a  revolutionary  new  system  designed  around  a  series  of 
dynamic  enabling  technologies  that  deliver  on  the  two  most 
critical  factors  in  10  Gigabit  service:  reduction  of  Alien  Crosstalk 
and  controlled  performance  up  to  a  minimum  of  500  MHz. 

To  accomplish  Beyond  10G™  performance,  we've  developed  four 
totally  new  enabling  technologies  —  technologies  that  allow 
the  Belden  IBDN  System  10GX  to  deliver  guaranteed  performance 
up  to  625  MHz. 


•  SpiralFleX™  Cable  technology  that  increases  randomization  and 
greatly  improves  Alien  Crosstalk  performance 

•  Matrix  IDC™  Module  technology  which  eliminates  the  issue  of 
Alien  Crosstalk  between  modules,  offering  performance  30  times 
better  than  Cat  6 

•  FleXPoint  PCB  Module  technology  that  positions  the  compensation 
circuitry  directly  at  the  plug's  point  of  contact,  offering  unbeatable 
mated-connection  performance 

•  X-Bar™  Module  termination  technology  that  assures  accurate 
module/cable  termination  and  reduces  installation  differences 

10GX  is  truly  the  most  advanced  10G  system  in  the  marketplace  — 

in  fact,  every  other  system  is  just  treading  water. 


For  more  information,  please  call 
Belden  CDT  Networking 
at  1-800-262-9334. 

www.BeldenlBDN.com 


DuPont'  certified  limited 
combustible  cable 


Belden  CDT  \ 


©2005.  Belden  CDT  Inc. 
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Fr:  planning  for  the  next  glitch 


To:  planning  for  the  next  decade 
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EMC  HAS  EVERYTHING  YOU  NEED  TO  MANAGE  YOUR  INFORMATION  EFFECTIVELY. 

Get  more  out  of  your  IT  resources  with  EMC.  From  world-class  services  and 
solutions  to  open  software  and  proven  systems,  EMC  provides  tight  integration 
for  full  compatibility  with  your  existing  infrastructure.  So  you  can  manage  your 
information  across  its  entire  lifecycle  while  you  manage  your  budget.  To  learn  more, 
visit  www.EMC.com. 


EMC2,  EMC,  and  where  information  lives  are  registered  trademarks  of  EMC  Corporation.  ©  Copyright  2004,  2005.  EMC  Corporation. 
All  rights  reserved. 
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The  security  of  your  entire  network 
is  entirely  in  your  hands. 

(Can  you  at  least  show  a  hint  of  panic?) 

When  you  need  to  upgrade  your  network  security,  it's  nice  to  know  you  can  count  on  CDW.  Our  account  managers  and  product  specialists  can  get  you 
quick  answers  to  questions.  And  with  fast  shipping  and  access  to  the  industry's  largest  in-stock  inventories,  you  can  be  sure  to  get  the  security  solutions 
you  need  when  you  need  them.  So  give  us  a  call  and  find  out  first  hand  how  we  make  it  happen.  Every  order,  every  call,  every  time. 
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The  Right  Technology.  Right  Away. 

CDW.com  •  800.399.4CDW 

In  Canada,  call  888.898.CDWC  •  CDW.ca 
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TECHHOLDGY  UPDATE 

■  AN  INSIDE  LOOK  AT  TECHNOLOGIES  ANDSHANDARDS 
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WSDM  spurs  management  integration 


HOW  IT  WORKS:  WSDM 

Web  Services  Distributed  Management  is  a  standard  for  management 
integration  of  Web  services.  In  this  scenario,  WSDM  allows  a  space-shuttle 
landing-site  manager  to  be  notified  whenever  a  weatherstation  changes  status, 
so  he  can  switch  to  the  fastest  calibrated  weather  station  available. 


□  Landing-site  manager  discovers  all  weather  stations  and  subscribes  for  operational-status  change 
events  on  all  weather-station  Web  services. 

B  Landing-site  manager  polls  all  weather-station  Web  services  for  response  time  and  assigns  the  weather 
station  with  the  lowest  response  time,  Florida  1,  to  weather  display  in  a  WSDM  relationship. 

B  Weather  display  polls  Florida  1  weather  station  for  weather  data. 

Q  Weather-station  manager  polls  for  weather-station  data  from  all  weather  stations.  When  data  is 
inconsistent,  the  weather-station  manager  recalibrates  the  device,  taking  it  offline  and  changing  its 
operational  status  to  unavailable. 

B  Weather-station  manager  sends  an  operational-status  change  notification  to  a  landing-site  manager, 
who  assigns  Florida  2  to  the  weather-display  client  to  poll. 


BY  HEATHER  KREGER 

Corporations  today  struggle  to  manage 
complex  business  systems  built  on  a  variety 
of  IT  and  application  resources  from  a 
diverse  set  of  vendors.  These  business  sys¬ 
tems  should  have  flexibility  to  accommo¬ 
date  mergers,  acquisitions,  supply-chain 
changes  and  compliance  with  regulations. 

A  standard  from  the  Organization  for 
the  Advancement  of  Structured 
Information  Standards  (OASIS)  serves  as 
the  foundation  for  management  integra¬ 
tion.  Completed  in  March,  Web  Services 
Distributed  Management:  Management 
Using  Web  Services  1.0  (WSDM)  defines 
how  to  represent  and  invoke  the  manage¬ 
ability  of  an  IT  resource  as  a  Web  service. 
WSDM  allows  management  software 
from  different  vendors  to  interoperate 
more  easily,  enabling  end-to-end  and 
even  cross-enterprise  management. 

WSDM  is  based  on  a  set  of  key  architec¬ 
tural  principles:  composability,  model 
agnosticism,  agent-architecture  agnosti¬ 
cism  and  inspection.  Model  agnosticism 
allows  WSDM  to  represent  any  resource 
model  using  Web  services.  Composability 
means  that  resources  must  support  only  the 
minimum  functions  needed,  allowing 
implementations  for  small,  constrained 
resources  or  sophisticated  servers.  During 
application  and  resource  development  and 
dynamic  discovery  of  WSDM  resources  at 
run-time,  development  tools  will  use 
inspection  of  XML  documents.  Agent- 
architecture  agnosticism  allows  WSDM  to 
adapt  current  resources,  and  not  force 
reinstrumentation. 

The  management  standard  provides  four 
key  technologies:  Web  services  platform 


profile,  manageability  capabilities,  relation¬ 
ships  and  the  WSDM  event  format. 

The  Web  services  platform  profile  ex¬ 
plains  how  other  OASIS  standards  are  used 
as  ’Net  platforms,  ensuring  that  standard 
Web  services  skills,  tools  and  run-times  can 
be  used  for  management.  It  precludes  the 
need  for  maintaining  a  management- 
specific  Web  services  platform. 

WSDM  groups  management  functions 
into  sets  of  properties,  operations  and 
events  that  together  provide  the  informa¬ 
tion  needed  to  perform  specific  manage¬ 
ment  tasks.  WSDM  defines  a  basic  set  of 
standard  capabilities  that  can  be  extend¬ 
ed:  Identity,  Description,  Metrics,  Con¬ 
figuration,  State,  Operational  Status  and 
Advertisement. 

WSDM  supports  two  kinds  of  relation¬ 
ships:  simple  information  about  a  relation¬ 
ship  between  resources,  and  those  that 
have  their  own  properties  and  behavior 
and  are  accessible  via  Web  services  direct¬ 
ly  Relationships  can  be  discovered  from 
manageable  resources  directly  or  from  rela¬ 
tionship  registries. 

The  WSDM  Event  Format  (WEF)  is  an 
XML  format  that  enables  interpretation  of 
management  events  from  different 
sources.  The  WEF  organizes  event  data 
into  three  categories:  the  event  reporter, 
the  event  source  and  situation  data,  each 
of  which  contains  a  few  standard  proper¬ 
ties  found  in  most  management  events 
and  may  be  extended  to  add  situation- 
specific  data. 

WSDM  provides  the  foundation  for  inte¬ 
grated  management  of  business  systems 
across  a  corporation  and  between  corpo¬ 
rations.  This  evolution  will  eventually 


eliminate  the  need  for  management- 
specific  infrastructures,  custom  integra¬ 
tion  of  managers  and  custom  business 
system-management  applications. 


Kreger  is  a  management  and  Web  sewices 
architect  for  IBM  and  ccxhair  of  the  OASIS 
WSDM  Technical  Committee.  She  can  be 
reached  at  kreger@us.ibm.com. 


I  fear  that  my  PC  has  been  infected  with  botnet 
software.  None  of  my  spyware  detection  or 
anti-virus  software  detects  anything,  but  my 
computer  has  slowed  to  a  crawl  and  often  runs 
at  close  to  100%  CPU  utilization  when  I  have  only 
one  browser  window  open.  What  can  I  do  to  find 
the  culprit  and  clean  the  machine? 

If  you  cannot  wipe  the  machine  clean  and  start  fresh, 
you  may  be  able  to  ferret  out  the  offending  software  by 
using  a  personal  firewall  program,  such  as  Kerio 


Personal  Firewall  or  Zone  Alarm,  which  will  block  out¬ 
bound  connections  and  incoming  traffic.  Turn  off  the 
Microsoft  System  Restore  feature  in  the  My  Computer 
properties,  as  many  malware  programs  hide  installation 
kits  there  so  that  they  get  reinstalled  if  you  find  and 
remove  them,  Configure  the  firewall  to  block  all  traffic 
by  default,  and  to  prompt  for  permission  on  every  con¬ 
nection  attempt.  Reboot  the  system  and  watch  the  fire¬ 
wall  prompts.  Deny  everything  that  you  don’t  under¬ 
stand,  and  look  for  repeated  connection  attempts  from 


programs  that  you  didn’t  launch.  With  luck,  you  can  find 
the  primary  cuiprit.  With  that  clue  you  can  search  the 
Web  to  identify  the  suspect  program. 

If  you  are  careful  and  don't  remove  real  operating  sys¬ 
tem  files,  you  can  delete  the  suspect(s)  and  repeat  the 
procedure  until  your  computer  behaves. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.interriet@changeat 
work.com. 
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An  impressive  photo-archiving  tool 


GEARHEAD 

INSIDE  THE 
NETWORK 
MACHINE 

Mark  Gibbs 


List  week  we  were  discussing  how 
we  were  trying  to  set  up  an  online 
photo  gallery  and  how  we  wound  up 
writing  some  code  to  generate  the 
XML  data  file  that  was  required  by 
the  Flash-based  gallery  system  we 
took  a  liking  to  for  the  project. 

We  also  discussed  the  RealBasic 
cross-platform  development  system 
we  used  to  build  our  XML  generator. 
We’ve  had  a  little  more  time  to  get  to 
know  this  product,  and  it  really  is 
amazing  and  easy  to  use. 

One  of  the  really  clever  things  in  RealBasic  becomes  evi¬ 
dent  when  you  are  designing  an  application  and  moving 
components  around  on  a  window:  Layout  lines  automati¬ 
cally  appear  to  show  the  distance  between  components, 
and  highlights  show  their  centers  and  edges.  It  can  even 
snap  components  to  the  edges  of  other  components. 

When  it  comes  to  coding  applications  you  can  often 
just  add  a  few  lines  to  specific  events,  such  as  button 
clicks  and  “mouseovers, ’’and  voila.an  application  is  born. 
There’s  support  for  Apples  Spotlight,  serial  ports  and 
even  threads! 

Our  only  complaint  is  that  you  can’t  see  the  code  of  your 
entire  program;  you  can  only  see  individual  events,  which 
makes  it  a  little  more  difficult  to  keep  track  of  everything 
that’s  going  on.  Even  so,  we  score  RealBasic  at  9.5  out  of  10. 

RealBasic  Standard  costs  $100,  and  $400  gets  you  the 


Professional  edition,  which  includes  cross-platform  compil¬ 
ing,  SSL  support,  and  database  connectors  for  Oracle,  SQL 
Server,  FileMaker  Server  and  MySQL. 

The  program  worked  well,  but  with  1,000  files  we’d  need 
to  do  a  lot  more  to  have  a  really  manageable  system.Then 
we  were  contacted  by  reader  Dave  Morris:  “Please  allow 
me  to  recommend  Coppermine  Photo  Gallery  (http://cop 
permine-gallerynet).  It  is  full-featured,  easy  to  use  and  free! 

This  is  a  remarkable  gallery 
system  that  appears  to  be  very 
powerful. 

It  is  based  on  PHP  and  MySQL  and  therefore  doesn’t 
require  Flash  or  anything  else  to  run  on  any  platform  with 
any  modern  browser!” 

He  also  shamelessly  asked  us  to  plug  his  site,  Free  IT 
(www.freeit.net),  which  has  as  its  goaL’to  introduce  excel¬ 
lent  and  cost-effective  alternative  solutions  for  your  busi¬ 
ness  and  computing  needs,  with  the  realization  that  most 
people  are  not  interested  in  the  technology  for  technolo¬ 
gy’s  sake,  but  the  end  result.”  This  is  to  say  he  is  all  about 
open  source  and  there’s  some  good  stuff  there. 

Anyway  Morris  is  correct:  Coppermine  is  really  really 
good.  It  is  a  breeze  to  install,  and  the  only  problem  you’re 
likely  to  have  is  setting  the  correct  permissions  on  the 
image  directories. 


Along  with  PHP  and  MySQL,  Coppermine  requires  a  Web 
server  and  the  GD  Library  (www.boutell.com/gd,  or  any 
version  of  ImageMagick  (www.imagemagick.org). 

Among  its  exhausting  list  of  features,  Coppermine  makes 
it  possible  to  organize  pictures  in  categories  and  albums; 
allows  you  to  bulk-upload  pictures  to  a  subdirectory  and 
then  to  an  album;  supports  multimedia;  allows  creation  of 
thumbnails  and  intermediate-size  images;  lets  you  search 
picture  metadata;  displays  a  selection  of  last-added  as  well 
as  random  pictures;  supports  private  galleries  and  groups; 
supports  multiple  languages;  lets  you  add  comments  and 
ratings  to  pictures  and  send  pictures  in  e-cards;  and  has  a 
slideshow  viewer. 

In  short,  this  is  a  remarkable  gallery  system  that  appears 
to  be  very  powerful  and  easy  to  administer.  The  default 
look-and-feel  is  a  little  clunky,  but  we  changed  our  look- 
and-feel  to  be  Mac  OS  X-like.  If  you  want  to  check  out  our 
gallery  of  favorite  football  shots,  drop  us  a  note  with  the 
subject  “Photos”  and  we’ll  send  you  the  link. 

Well,  it  will  be  Thanksgiving  in  a  few  days  so  we  have  to 
go  and  brine  our  turkey  What,  you’ve  never  brined  a 
turkey?  Once  you’ve  tasted  soy-brined  turkey,  you’ll  won¬ 
der  how  you  ever  had  Thanksgiving  without  it.  Drop  us  a 
message  with  the  subject  “Turkey  and  we’ll  send  you  the 
technical  instructions. 

Bon  appetite!  No  eructations  to  gearhead@gibbs.com. 
Oh  yeah,  don't  forget  Gibbsblog  ( www.networkworld.com/ 
weblogs/gibbsblog/). 


CooUools 

Quick  takes  on  high-tech  toys.  Keith  Shaw 


A 


For  years,  companies  have  tried  different  approaches  to  get  peo- 
,  pie  to  add  video  to  their  phone  calls.The  latest  effort  is  from  Sony 
and  Glowpoint,  which  last  week  launched  a  consumer  version  of 
Sony’s  Instant  Video  Everywhere  (IVE,  pronounced  “ivy”)  service.  The  basic  IVE 
service  will  let  consumers  make  free,  unlimited  voice  and  video 
calls  to  other  IVE  members.Think  Skype  with  the  addition 
of  a  Webcam. 

What  will  make  users  flock  to  IVE?  Other  services,  espe¬ 
cially  in  the  videoconferencing  arena,  have  a  head  start. 

Sony  and  Glowpoint  say  their  software  lets  people  make 
video  calls  as  easily  as  they  make  telephone  calls.  “VoIP 
technology  has  been  around  for  years,  and  the  ones  who 
did  it  were  the  geeks  among  us,” says  Michael  Brandofino, 

Glowpoint’s  CTO.  “The  technology  didn’t  really  take  off 
until  Vonage  let  you  plug  in  a  regular  phone  to  their 
equipment  to  make  VoIP  calls  without  having  to  worry 
about  the  technology 

Unlimited  free  video  calls  will  help  also. The  company 
says  it  hopes  people  will  take  advantage  of  free  video 


Sony's  Instant  Video  Everywhere  service  adds 
video  to  IP  phone  calls. 


calling  and  use  IVE  as  they  use  a  phone  —  when  they’re  at  home,  at  a  hot  spot 
such  as  a  coffee  shop,  or  sitting  in  an  airport  lounge,  they’ll  be  able  to  use  the 
broadband  connection  to  make  a  video  call  (only  128K  bit/sec  of  bandwidth, 
more  than  enough  on  a  standard  DSL  or  cable  modem  connection). 

Much  depends  on  how  successful  the  IVE  viral  marketing  plan  is.  Getting  friends 
and  family  to  sign  on  depends  on  how  easy  the  product  is  to  install  and  use.  Even 
more  difficult  is  getting  people  to  change  their  calling  habits.  It’s  easy  to  convince  a 
mobile  worker  three  time  zones  away  that  making  a  video  call  to  a  child  is  worth¬ 


while,  but  are  there  other  needs  for  consumer  video  calls?  The  video-phone  hurdle 
is  a  big  one;  there  are  times  when  we  don’t  want  others  to  see  what  we  look  like. 

Sony  and  Glowpoint  officials  understand  this,  and  they  plan  to  market  the  IVE  ser¬ 
vice  to  the  scenarios  where  video  calling  makes  the  most  sense.  For  example,  one 
use  is  to  promote  the  service  to  gamers.  In  an  online  poker  scenario,  seeing  your 
opponents  might  help  you  make  an  educated  guess  as  to  whether  they’re  bluffing. 

Sony  also  plans  to  use  the  IVE  service  as  a  way  to  market  and  sell  other  Sony 
products.  Every  IVE  user  will  have  access  to  a  Sony  Video  Fbrtal,  accessed  by  dial¬ 
ing  7669  (stands  for  SONY). The  portal  lets  users  view  movie  clips, 
gaming  demos  and  other  Sony-related  content.  Future 
Sony  Vaio  notebooks  will  include  embedded  Webcams 
as  well  as  pre-loaded  IVE  software.  The  IVE  software 
works  with  any  Webcam  and  PC  (no  Macintosh  support 
just  yet),  but  the  less  people  have  to  install  on  their  sys¬ 
tems,  the  better. 

I’m  more  intrigued  by  using  the  service  for  business. 
Companies  that  don’t  want  to  pay  for  videoconferencing 
may  let  their  employees  make  the  free  calls  to  get  their 
feet  wet.  A  lot  of  IVE's  cool  features  —  a  video  mailbox, 
the  ability  to  make  VoIP  calls  to  cell  phones  or  regular 
phones,  as  well  as  video  calls  to  other  IP  and  ISDN-based 
video  systems  —  will  have  an  associated  cost.  The 
Premium  version  of  IVE  will  cost  $9.95  per  month, and  the 
which  is  meant  more  for  the  small-to-midsize  business 


Professional  version 
market  —  will  cost  $19.95  per  month,  Glowpoint  officials  say. 

But  the  first  step  is  there  —  providing  users  a  chance  to  sign  up  for  free  and  give 
them  the  ability  to  make  free  voice  and  video  calls  to  other  IVE  members.  Whether 
consumers  take  the  next  giant  step  toward  video-phone  calling  will  be  the  difference 
between  a  success  story  and  just  another  attempt  in  the  video  phone’s  history 

Shaw  can  be  reached  at  kshaw@nww.com. 


STORAGE  ROOM  TRANSFORMED  INTO  PEDIATRIC  CLINIC.  Bumrungrad  Hospital,  Southeast  Asia’s 
largest  healthcare  facility,  created  a  kid-friendly  pediatric  clinic  out  of  a  10,000-square-foot  medical 
records  unit.  How?  An  ultra-scalable,  4-way  Intel®  Xeon®  processor-based  system  improved  data 
reliability  and  made  records  paperless.  Read  more  about  Bumrungrad  Hospital’s  experience  with  Intel 
built  in  at  intel.com/builtin. 


'orpoiatinn  or  ns  snljsutiafjes  in  the  United  Sia! 
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On  Technology 

John  Dix 

Zimbra:  Upping 
the  bar  on  e-mail 

Two  interesting  tools  were  on  display  at  the  recent  Open 
Source  Business  Conference  in  Boston,  one  a  feature- 
rich  e-mail  system  and  the  other  a  code  review  tool  to 
help  you  avoid  license  squabbles. 

The  e-mail  offering  is  from  Zimbra,  a  venture-funded  start¬ 
up  that  has  pieced  together  several  open  source  compo¬ 
nents  to  build  the  Zimbra  Collaboration  Suite. The  current 
beta  includes  both  a  server  and  a  browser-based  Web  client 
that  is  built  using  Asynchronous  JavaScript  and  XML,  the  so- 
called  AJAX  pack. 

AJAX  enables  browser-based  applications  to  behave  more 
like  client-based  code  by  “constantly  moving  small  pieces  of 
information  between  browser  and  server,  changing  what  you 
see  without  reloading  the  full  page,”  Zimbra  says. 

The  Zimbra  server  talks  to  other  clients  via  IMAP  POP 
Microsoft  MAPI  and  iCAL.and  can  be  integrated  with 
Active  Directory  and  LDAPdirectories. 

But  what  sets  Zimbra  apart  are  the  client  features.The  tool, 
for  example,  tracks  conversations,  appending  a  number  to 
each  new  message  in  a  string  and  allowing  you  to  view  all 
messages  in  a  particular  conversation. 

Zimbra  also  has  a  slick  feature  that  lets  you  create  tags  and 
append  them  to  messages,  after  which,  regardless  of  what 
folders  you  put  the  messages  in,  clicking  on  the  tag  brings  all 
relevant  messages  front  and  center. 

Other  cool  features  include  the  ability  to:  mouse  over  a 
date  in  a  message  to  open  your  calendar;  mouse  over  the 
name  of  a  message  sender  to  display  contact  information; 
mouse  over  a  Web  address  to  bring  up  a  preview  page;  and 
search  messages  by  date  ranges,  attachment  types  and  the 
domain  of  the  sender. 

You  can  preview  the  product  at  www.zimbra.com  and  even 
download  an  evaluation  copy  of  the  network  edition  server. 

The  other  interesting  tool  at  OSBC  was  a  service  from  Black 
Duck  Software  that  lets  you  scan  code  for  stuff  that  shouldn’t 
be  in  there  —  whether  it  is  open  source  code  in  your  home¬ 
grown  programs  or  vice  versa. 

While  the  company’s  code  analysis  service  has  been  avail¬ 
able  since  last  year,  it  just  announced  the  ability  to  scan  for 
specific  strings  such  as  GPL  code, says  CEO  Douglas  Levin. 

The  service  is  based  on  two  knowledge  bases,  Levin  says. 
One  is  an  80M-byte  database  containing  millions  of  code 
prints  that  Black  Duck  updates  weekly  and  the  other  is  a 
repository  of  the  customer’s  proprietary  code. 

Both  are  used  to  scan  code  looking  for  violations  that  can 
land  users  in  hot  water,  especially  where  open  source  tools 
are  used.  Black  Duck’s  services  range  in  price  from  $9,500  to 
$25,000. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Hamming  it  up 

Regarding  “Cisco  talking  IP-radio  nets”  (www.net 
workworld.com,  DocFinder:  9726):  It  is  truly  interest¬ 
ing  to  see  technology  that  was  pioneered  by  ama¬ 
teur  radio  operators  (hams)  become  mainstream. 
For  several  years,  hams  have  been  pushing  this  tech¬ 
nology  forward  and  using  it  to  communicate  across 
the  globe.  Right  now,  I  can  use  my  HT  (walkie-talkie) 
to  talk  with  storm-ravaged  areas  —  Alaska,  Europe, 
Australia  and  even  Antarctica.  What  irritates  me  is 
that  1  have  read  nothing  that  credits  the  hams  who 
have  pioneered  this  concept.  Hams  did  it  first!  Give 
credit  where  credit  is  due. 

Ken  Linder 
Henderson,  Nev. 

Surviving  in  IT 

Mark  Gibbs’  BackSpin  column  “How  to  survive  in  IT” 
(DocFinder:  9821)  struck  a  nerve  with  me.  I  see  it  so 
much  in  our  field:  the  company  asking  more  and 
more.  I  have  taken  myself  off  the  management  track 
for  that  very  reason.  I  have  a  family  and  a  life.  I  still 
work  weekends  and  travel  a  bit,  but  I  go  home  at  5 
p.m.just  about  every  day  Unless  it  is  a  network-down 
emergency  as  Cisco  would  say  my  life  is  more  impor¬ 
tant.  I  carry  only  a  pager,  to  keep  some  distance  from 
the  office  and  the  silly  calls  on  the  weekends  that 
should  never  happen. 

We  just  had  a  mutiny  at  our  department. 
Personnel  haven’t  been  replaced,  and  staff  was 
going  on  many  back-to-back  trips  for  two,  some¬ 
times  three  weeks  a  month.  Finally,  we  all  said  no  to 
another  demand  for  extra  travel.  I  am  sure  there 
will  be  repercussions,  but  you  can  only  ask  so 
much  from  your  staff.  Personally  I  wish  we  would 
unionize  for  better  treatment,  but  I  know  that’s  just 
a  pipe  dream. 


During  times  likes  this,  I  remember  a  quote  my 
father  told  me:“No  one  ever  said  on  their  death  bed, 
‘I  wish  1  had  spent  more  time  at  the  office.’” 

Craig  Bonvechio 
Twinsburg.Ohio 

Getting  smart 

Regarding  the  Face-off  “Are  smart  networks  worth 
the  investment?”  (DocFinder.  9822):  As  we  attempt  to 
wring  more  efficiencies  out  of  our  networks,  they 
will  have  to  get  smarter. The  key  is  to  figure  out  what 
kind  of  smarts  work  best. 

Cisco’s  [Application-Oriented  Networking]  pro¬ 
vides  a  powerful  filtering  mechanism  that  is  more 
useful  than  the  current  access-list  paradigm  that  pri¬ 
marily  relies  on  addresses  and  ports.  For  years,  we’ve 
wanted  fine-grained  controls  on  routing  traffic  of 
differing  priorities.  Current  policy  routing  and  QoS 
selection  mechanisms  are  too  coarse. 

When  I  think  of  the  negative  points  of  the  smart 
network,  1  wonder  who  is  responsible  for  designing, 
building  and  troubleshooting  the  controls  for  modi¬ 
fying  content  within  the  network?  1  can  imagine  a 
banking  transaction  being  in  error  as  it  transits  the 
network.  Debugging  in  this  environment  is  likely  to 
be  an  order  of  magnitude  more  difficult,  because 
there  are  many  additional  places  where  the  data 
can  be  changed.  It  is  clear  that  the  application  devel¬ 
opment  staff  and  the  network  staff  will  have  to  be 
much  cozier  than  they  have  been  to  make  smart  net¬ 
works  successful. 

Terry  Slattery 
CEO  and  founder 
Netcordia 
Annapolis,  Md. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix.  editor  in 
chief,  Network  World.  1 18  Turnpike  Road.  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  hr  aerification. 
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Put  a  stop  to  painful  application  performance.  Here’s  how  » 


NETWORKS 


NETWORK  EXCELLENCE 


Are  your  remote  and  branch 
offices  fightin’  mad? 

As  your  business  grows,  so  do  your  headaches.  Remote  and  branch- 
office  users  expect  the  same  level  of  application  performance  you 
deliver  to  headquarters.  Anything  less  and  they’ll  quickly  blame  you. 

So  it’s  up  to  you -and  your  network -to  maintain  that  peak  level  of 
performance  everywhere,  improving  productivity  and  avoiding  user  frustration. 


Juniper  Networks  can  help.  Our  application  acceleration  platforms  speed  the 
performance  of  web-based  client-server  applications  for  all  users  across  your 
business -whether  they’re  in  the  next  cubicle  or  on  another  continent.  The 
result  is  a  far  more  efficient  experience  for  all,  using  any  and  every  networked 
application.  And  by  delivering  LAN-like  performance  to  branch-office  users, 
telecommuters  and  road  warriors  alike,  everyone  is  more  productive. 


►  SECURE  AND  ASSURED  NETWORKING. 
SUPERIOR  AND  SPEEDY  PERFORMANCE. 


Juniper  Networks’  innovative  application  acceleration  platforms  reduce  IT 
costs  by  enabling  data  center  consolidation  and  server  centralization -letting 
you  cut  hardware  and  application  expense  while  simplifying  administration, 
management  and  regulatory  compliance.  You  get  industry-leading  performance 
and  security  while  reducing  network  and  infrastructure  costs  on  everything 
from  web  servers  and  application  licenses  to  data  center  hardware  and 
WAN  services. 
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We  tested  Juniper  Networks  WX  50  and  WX  20 
systems  between  our  headquarters  and  remote 
sites  and  noticed  an  immediate  improvement  in 
application  performance  across  our  wide  area 
network.  We  were  delighted  to  find  a  solution 
that  could  easily  plug  into  our  network  and 
operate  with  minimal  setup.  77 

-  Bill  Robertson, 

IT  Manager ;  De  Bortoli  Wines 


►  EXPECT  MORE  FROM  YOUR  NETWORK.  NOW. 

Get  solutions  specifically  crafted  to  accelerate  your  application  -  only  from 
Juniper  Networks.  For  your  free  trial  and  customized  Network  Health  Report, 
visit  www.juniper.net/freetrial 


www.juniper.net 

888-JUNIPER  (888-586-4737) 
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Sorting  through  software  as  a  service 


Software  as  a  service  has  moved  quickly  from 
a  peripheral  idea  to  a  mainstream  phenom¬ 
enon.  While  it’s  often  associated  with  such 
applications  as  customer  relationship  manage¬ 
ment  (CRM)  and  such  providers  as  Sales- 
force.com,  there  are  many  other  software-as-a-ser- 
vice  applications  and  providers  addressing 
numerous  other  IT  and  business  needs.  As  the 
number  of  alternatives  grows,  the  time  has  never 
been  better  to  take  advantage  of  on-demand  soft¬ 
ware  to  meet  corporate  objectives. 

Software  as  a  service  is  not  a  new  idea  but  an 
outgrowth  of  the  application-hosting  companies 
and  application  service  providers  (ASPs)  that 
emerged  in  the  dot-com  era.  Although  most  ASPs 
and  hosting  pioneers  disappeared  because  main¬ 
stream  customers  were  not  ready  to  adopt  their 
products,  software  as  a  service  today  is  capturing 
broader  attention  and  wider  adoption  because  of 
two  key  market  drivers. 

The  first  is  users’  escalating  frustration  with  the 
hassles  and  costs  of  implementing  complex  appli¬ 
cations.  Stories  of  failed  deployments  are  wide¬ 
spread,  and  the  exponential  maintenance  and 
management  costs  of  keeping  successful  deploy¬ 
ments  up  and  running  are  well  documented. 
Traditional  applications  also  have  been  inflexible 
and  unable  to  respond  quickly  and  easily  to  fluc¬ 


tuating  business  requirements. 

The  second  key  driver  behind  the  recent  surge 
in  software  as  a  service  is  the  emergence  of  tech¬ 
nologies  that  permit  traditional  packaged  appli¬ 
cations  to  be  swapped  for  Internet-based  services. 
Technologies  such  as  service-oriented  architec¬ 
ture,  Web  services  and  broadband  networking  are 
making  software  as  a  service  possible. 

As  a  result  of  these  key  drivers,  the  market  for 

The  time  has  never  been 
better  to  take  advantage  of 
on-demand  software. 

this  application-delivery  model  is  experiencing 
significant  growth.  A  recent  Web  survey  by  Think- 
strategies  in  conjunction  with  Cutter  Consortium 
found  that  almost  a  third  of  1 18  respondents  use 
software  as  a  service.  Another  third  are  consider¬ 
ing  it,  with  a  majority  expecting  to  adopt  it  within 
the  next  12  months. 

The  survey  also  found  that  nearly  all  current 
users  are  satisfied  with  software  as  a  service,  ex¬ 
pect  to  acquire  additional  offerings,  and  would 
recommend  it  to  other  companies. 

With  industry  acceptance  and  adoption  on  the 
rise,  the  competitive  landscape  for  software  appli¬ 


cations  is  being  fundamentally  transformed. 
Several  independent  providers  of  software  as  a 
service  have  followed  Salesforce.com’s  lead  and 
benefited  from  successful  IPOs  in  2005,  including 
CRM-application  provider  RightNow  and  talent- 
management-software  company  Taleo. 

The  success  of  independent  providers  of  soft¬ 
ware  as  a  service  has  also  disrupted  established 
players.  Siebel’s  fall  from  atop  the  CRM  and  sales- 
force-automation  market  and  its  acquisition  by 
Oracle  were  direct  consequences  of  Sales¬ 
force.com’s  onslaught.  Microsoft’s  recent  promise 
to  deliver  Web-based  software  services  in  early 
2006  is  as  much  about  keeping  pace  with  inde¬ 
pendent  providers  of  software  as  a  service  as  it  is 
an  attempt  to  counter  Google’s  aggressive  moves. 

These  trends  are  good  for  corporate  decision 
makers  who  are  tired  of  traditional  software  appli¬ 
cations.  Intensifying  competition  will  give  compa¬ 
nies  plenty  of  choices  at  favorable  prices.  Now  is 
the  time  to  begin  to  evaluate  and  test  software  as 
a  service  in  various  areas  of  your  IT  and  business 
operations  to  determine  how  it  can  satisfy  your 
requirements. 

Kaplan  is  managing  director  ofThinkstrategies,  a 
consultancy  in  Wellesley,  Mass.  He  can  be  reached 
at  jkaplan  @thinkstrategies.  com. 


Dawn  of  the  consumer  communications  era 


The  communications  industry  has  a  new  focal 
point.  Forty  years  ago,  it  was  military  defense 
(secure  messaging)  .Thirty  years  ago, the  focal 
point  shifted  to  the  corporate  marketplace  (IBM’s 
SNA). Twenty  years  ago,  it  shifted  to  the  academic 
world  (the  Internet).Ten  years  ago.it  shifted  to  ser¬ 
vice  providers  and  carriers  (cable,  cellular  wire¬ 
less,  frame  relay  ATM,  optics  and  IP).  Five  years  ago, 
the  implosion  of  the  communications  industry 
created  a  state  of  turmoil,  with  no  single  industry 
segment  the  driving  force  for  new  communica¬ 
tions  technology  and  investment. 

Now,  that  has  changed.  Over  the  past  five  years, 
the  consumer  slowly  has  emerged  as  the  focus  of 
venture  capital  and  technology  investment. 

Today  the  corporate  marketplace  is  not  follow¬ 
ing  a  philosophy  of  replacement  but  rather  a  phi¬ 
losophy  of  adding  on  as  necessary  and  accom¬ 
modating  legacy  technology  Maturity  has  arrived, 
and  decisions  to  upgrade  or  replace  are  now  busi¬ 
ness-  rather  than  technology-driven.  Security  and 
compliance  are  the  most  important  issues,  rather 
than  upgrades  for  faster  access  or  greater  QoS. 

Change  is  occurring  dynamically  among  service 
providers  and  carriers.  Ten  years  after  most  corpo¬ 
rations  adopted  IP  as  their  unifying  communica¬ 
tions  strategy,  carriers  have  decided  to  join  the 
fold.The  driving  force  behind  this  change  of  heart 
is  the  consumer.  We  now  hear  service  providers 
and  carriers  directing  such  terms  at  consumers  as 
VolPInternet-protocol  TV  video  on  demand,  home 
security  content  and  triple  play 
Venture  capitalists  are  aggressively  seeking  enter¬ 


tainment  or  media  investments  —  but  they’re 
searching  not  only  for  an  Apple  iTunes  killer  or 
the  next  Google,  but  also  for  the  next  intellectu¬ 
al-property  or  software-application  product  or 
services  start-up  to  sell  to  Apple  or  Google.  In  the 
consumer-focused  reality  of  2005,  the  investment 
required  to  achieve  a  six  or  seven  times  rate-of- 
return  exit  in  a  reasonable  time  frame  is  ex¬ 
tremely  difficult  for  a  communications  infrastruc¬ 
ture  or  software  start-up. 

Consumers’  buying  power  and  fickleness  create 
constant  change  in  the  marketplace.  Add  to  the 

Get  ready  for  21st-century 
communications  —  the 
age  of  the  consumer. 

mix  the  marketplace’s  orientation  to  youth  with 
ready  disposable  income,  and  we  have  all  the 
ingredients  for  selling  and  delivering  hot  products 
and  services  dynamically  via  almost  any  IP  net¬ 
work.  These  market  dynamics  — high  risk,  low  or 
medium  investment,  numerous  exit  paths,  high 
ROI  and  short-term  focus  —  are  attractive  to  ven¬ 
ture  capitalists. 

To  survive, service  providers  and  carriers  have  to 
focus  on  consumers.  Although  corporate  cus¬ 
tomers  provide  the  majority  of  revenue,  profits  are 
another  matter.  Corporate  services  cost  more  than 
consumer  services  to  deliver,  manage  and  main¬ 
tain.  The  classic  consumer  service  —  voice  —  is 
under  significant  market  pressure  from  competi¬ 


tion  and  disruptive  technologies  such  as  the  In¬ 
ternet.  Shifting  your  strategy  from  transport  to  ser¬ 
vices,  marginally  successful  with  corporate  cus¬ 
tomers,  shows  signs  of  being  wildly  successful  in 
the  high-margin  consumer  segment.  Just  look  at 
the  cost  of  a  ring  tone  and  you  can  envision  the 
unbelievable  profit  margin  for  services. 

The  consumer  market  is  also  enticing  to  tech¬ 
nologists;  its  opportunities  seem  to  be  unbound¬ 
ed.  Peer-to-peer  management,  instant-messaging 
and  identity-theft  security  next-generation  person¬ 
al  firewalls,  image  recognition  and  retrieval,  and 
digital  music  and  video  transmission,  storage  and 
retrieval  —  these  are  some  of  the  potential  areas 
of  the  consumer  marketplace  where  technologists 
could  add  value  dramatically  Skills  learned  in  the 
corporate  and  service  provider  and  carrier  market 
segments  are  not  worthless,  but  in  fact  are  re¬ 
quired  to  upgrade  and  enhance  the  consumer 
communications  experience. 

Remember,  communications  technology  is  not 
market-  or  industry-bound;it  seeps  daily  from  one 
market  segment  into  another.  After  next-generation 
technology  succeeds  in  the  consumer  market,  it 
will  be  only  a  short  time  before  it  morphs  and 
migrates  into  the  corporate  and  service  provider 
and  carrier  segments.  Get  ready  for  21st-century 
communications  —  the  age  of  the  consumer. 

Dzubeck  is  president  of  Communications 
Network  Architects,  an  industry  analysis  firm  in 
Washington,  D.  C.  He  can  be  reached  at 
f dzubeck  @commnetarch.  com. 
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California  Department  of  Technology  Services  implements  a 
new  security  infrastructure  to  address  compliance  needs. 


_  Organizations  today  do  not  own  the  personal  information 
they  use.  They  are  its  custodians  and  are  responsible  for 
keeping  it  safe.  This  is  not  only  a  moral  responsibility,  but 
*  also  mandated  by  government  regulations. 

Protecting  personal  data  was  the  challenge  facing  the 
California  State  Department  of  Technology  Services  (DTS), 
responsible  for  providing  IT  services  to  government  and 
related  organizations  throughout  California. 

The  Health  Insurance  Portability 
and  Accountability  Act  of  1996 
(HIPAA),  requires  organizations  to 
protect  communications  containing 
health  information.  Under  the 
act,  information  systems  must 
be  protected  from  intruders  and 
confidential  data-in-motion  must 
be  secured. 

This  represented  a  significant 
challenge  for  DTS,  as  they  deliver 
applications  and  services  through  a  distributed  network  of  mainframes 
and  client-server  based  systems.  And  among  these  systems  is  a  proprietary 
healthcare  records  management  application  that  supports  tens  of  thousands 
of  unique  users,  communicating  with  distributed  servers  on  multiple 
platforms. 

In  order  to  comply  with  HIPAA,  DTS  had  to  secure  the  personal  healthcare 
data  flowing  through  its  network.  They  needed  a  secure  communications 
network,  managed  from  a  central  point,  that  was  flexible  enough  to  support 
the  state's  heterogeneous  environment,  and  yet  scaleable  enough  to  cover 
their  user  base. 

Plus,  any  solution  had  to  have  the  necessary  audit  trails  to  demonstrate 
compliance,  allowing  them  to  reduce  their  overall  audit  costs. 

Like  most  organizations,  DTS  couldn't  afford  to  replace  their  existing 
applications,  nor  embark  on  an  extensive  training  program,  so  any  security 
system  they  selected  had  to  be  transparent  to  both  the  users  and  applications. 
"We  initially  evaluated  an  IPSec  solution  for  our  security  and  compliance 
requirements,  but  it  lacked  the  scalability  we  needed,  and  simply  couldn't  handle 
the  multiple  operating  system  platforms  we  use,"  said  Tim  Funk,  senior  director 
of  IT  security,  Department  of  Technology  Services. 


The  Solution:  EpiForce 

After  performing  extensive  evaluations,  DTS  selected  EpiForce  from  Apani 
Networks,  the  leading  provider  of  security  for  inside  the  perimeter.  EpiForce 
is  an  enterprise  scale  product  that  secures  data-in-motion  and  protects  data- 
at-rest,  regardless  of  platforms. 


And  with  the  scalability  to  meet  all  their  present  and  anticipated  future 
needs,  EpiForce  enables  DTS  to  support  each  of  its  varied  governmental 
constituencies,  ranging  from  the  Children's  Welfare  Department  to  the 
University  of  California. 

According  to  Tom  Jones,  the  former  Chief  Information  Security  Officer  at 
DTS,  "EpiForce  has  provided  us  the  flexibility  and  scalability  to  effectively  support 
our  HIPAA  compliance  and  ensure  confidential  patient  data  remains  secure”. 

Not  only  does  EpiForce  transparently  secure  data  flows  throughout  their 
diverse  environment,  but  it  automatically  enforces  security  relationships 
defined  through  a  centralized  management  infrastructure.  As  new  security 
policies  are  identified,  additional  users  or  new  associations  are  established, 
policies  are  adjusted  centrally  and  implemented  automatically  by  the  system 
in  real  time. 

Plus  the  ability  to  dynamically  segment  users  and  applications,  creating  a 
range  of  security  zones  and  closed  user  groups,  was  ideal  for  implementing 
security  policies  within  large  and  diverse  environments.  "Establishing  security 
zones  with  different  levels  of  administrative  authority  eased  deployment  and 
management  challenges",  said  Funk. 


EpiForce  enables  dynamic  network  segmentation 
to  automatically  enforce  security  policies 


EpiForce  provides  additional  protection  for  DTS  by  ensuring  that  both 
the  sender  and  recipient  of  data  authenticate  and  approve  each  other's 
data  transmittals  and  receipts,  as  well  as  reporting  on  any  "out  of  bounds" 
activity. 

Implementing  this  new  security  layer  designed  to  lock  down  inside  the 
perimeter  enabled  DTS  to  not  only  meet  its  obligations  under  HIPAA,  but  also 
to  augment  its  existing  perimeter  based  security,  providing  it  with  a  security 
architecture  that  covers  its  entire  environment,  and  with  the  capability  to 
expand  to  meet  the  next  data  security  challenge  -  whatever  that  may  be. 


To  learn  more,  get  a  free  copy  of  “The  Definitive  Guide  to 
Security  Inside  the  Perimeter”  from  Realtimepublishers. 

Go  to  www.apani.com/secureinside 
to  download  your  FREE  copy. 
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Education  All-Stars  >  These  seven  projects  are  chock-full  of 
great  connectivity  initiatives  and  cutting-edge  security  strategies  all  capa¬ 
ble  of  meeting  the  industry’s  unique  user  challenges,  page  54 


Financial  All-Stars  >  Companies  in  the  financial  services 
industry  have  long  been  among  the  most  intense  consumers  of  new 
technology  These  13  winners  are  no  exception,  page  58 


Government  All-Stars  >  Whether  taming  unruly  applica¬ 
tions,  improving  communications  or  beefing  up  security  these  five  win¬ 
ners  showcase  how  to  make  great  use  of  technology  —  all  while  oper¬ 
ating  large  and  incredibly  complex  environments,  page  66 


Healthcare  All-Stars  >  In  an  industry  renowned  for  its 
advanced  technology  these  nine  winners  stand  out  for  leading  the 
charge  into  next-generation  deployments,  page  70 


Hospitality  All-Stars  >  As  these  three  winners  prove,  the  hos¬ 
pitality  industry  is  innovatively  integrating  state-of-the-art  communica¬ 
tions  into  all  business  areas,  page  74 


Manufacturing  All-Stars  >  These  five  winners  exemplify 
how  manufacturers  continue  pushing  the  boundaries  of  the  extended 
enterprise,  page  78 


Transportation  All-Stars  >  As  these  two  winners  show,  the 
leading  edge  in  the  transportation  industry  is  marked  by  IT  projects  that 
ease  the  burden  of  regulation,  be  that  by  organizing  a  trainload  of 
paperwork  or  assisting  with  compliance,  page  82 


More  All-Stars  >  These  six  winners,  which  span  a  variety  of  ver¬ 
tical  markets,  clearly  demonstrate  how  cutting-edge  technology  can 
boost  any  type  of  business,  page  86 

Signature  Sign-off:  Where  have  you  gone,  Bobo  Holloman? 
Editorial  Director  John  Gallant  shares  his  insight  on  how  to  make  sure 
ggfj  you’re  not  a  flash  in  the  pan  but  rather  an  All-Star  worth  remembering. 
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The  Enterprise  All-Star  Issue  is  one  of  six  bimonthly  supplements  provid¬ 
ing  insights  and  information  on  the  biggest  trends  shaping  the  networked 
world.  Next  up  is  the  Power  Issue,  coming  Dec.  26, 2005.  See  all  of  our 
Signature  Series  issues  online  at  www.networkworld.com;  DocFinder:  9824 
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ALL-STAR  THELINEUP 


lit  a  league 
of  their  own 

w  The  50  Enterprise  All-Stars  have  network 
projects  so  stellar  they  are  examples  for  all. 


~  By  JULIE  BORT- 


ml  933,  Chicago’s  Comiskey  Park  hosted  the  first  major  league  All- 
Star  game,  showcasing  the  talents  of  such  baseball  greats  as 
Charlie  Gehringer  and  Babe  Ruth.  That  legendary  game 
launched  an  American  tradition,  as  all-star  matchups  became  an  annual  highlight 
of  the  pro  basketball  and  football  seasons,  too.  In  the  spirit  of  this  tradition, Network 
World  has  created  the  Enterprise  All-Star  Award,  which  honors  companies  with  tech¬ 
nology  projects  so  stellar  they  belong  in  a  league  of  their  own. 

The  50  companies  presented  here  are  Enterprise  All-Star  Award  winners  for  two 
basic  reasons.  First,  they  have  demonstrated  exceptional  use  of  technology  within 
an  industry  segment  —  education,  financial  services,  government,  healthcare,  hos¬ 
pitality  manufacturing,  transportation  and  others.  Second,  their  IT  projects  demon¬ 
strate  how  smart  use  of  technology  is  smart  business.  For  instance,  the  All-Star  win¬ 
ners  that  reported  savings  expect  to  bank  $161.5  million  collectively  from  their  proj¬ 
ects  one  year  after  implementation  —  and  $469.4  million  by  the  third  year. 

As  impressive  as  these  figures  are,  only  about  half  the  winners  named  cost-cutting 
as  a  primary  objective.  Others  were  more  concerned  with  increasing  competitive 
advantage  or  bringing  on  next-generation  applications.  For  instance,  Parkview 
Health  System,  a  healthcare  network  serving  northeast  Indiana,  earned  its  place  on 
the  list  for  building  a  SONET  network  that  gave  it  “Niagara  Falls-size”  bandwidth. The 
SONET  net  will  carry  new  lifesaving  applications  such  as  a  virtual  monitoring  serv¬ 
ice  for  intensive  care  patients. 

A  project  didn’t  have  to  be  high  budget  to  earn  a  place  on  the  list. 

Budgets  ranged  from  $30,000  to  $32  million;  $640,000  was  the  median. 

Of  the  winners  that  reported  savings,  about  60%  said  ROI  would  hit 
100%  within  the  first  year,  with  half  saying  ROI  would  be  more  than 
200%  in  that  time.  Only  two  winners  said  they  did  not  expect  their 
investment  to  be  fully  paid  for  in  hard-dollar  savings  by  the  three- 
year  mark  (but  did  expect  impressive  productivity  gains).  The 
message  is  clear;  Even  when  projects  cost  millions  of  dollars, 
smart  ones  quickly  pay  for  themselves. 

For  a  case  in  point, 
look  no  further  than  the  proj¬ 
ect  implemented  by  the  Defense 
Information  Systems  Agency’s  Center 
for  Computing  Services,  at  Maxwell  Air 
Force  Base  in  Montgomery,  Ala.  The  agency 
reported  savings  of  $140  million  in  the  first  year  of  a 
three-year,  $3  million  revamp  of  its  network  manage¬ 
ment  systems.  Others  reported  first-year  savings  of 
$36,000  to  $3  million,  with  a  median  of  $686,000. 


See  the  Enterprise  All-Sta 
list  broken  down  by 
technology,  and  more 
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First-year  ROI  ranged  from  about  6%  to  more 
than  1,000%,  with  a  mean  of  265%. 

The  roster  shows  off  projects  that  are  beacons 
of  excellence  within  vertical  industries,  too.  In 
Las  Vegas,  for  example,  Clark  County  School 
District  undertook  a  massive  VoIP  installation 
that  will  become  the  benchmark  for  others  in 
education.  Fortis  Prime  Fund  Solutions,  in 
Boston,  implemented  corporate  iSCSI  and 
demonstrated  to  the  financial  services  industry 
that  a  low-cost  alternative  can  greatly  boost 
storage  back-up  performance.  Beth  Israel 
Deaconess  Medical  Center,  also  in  Boston, 
showed  the  healthcare  industry  how  wireless 
location  tracking  can  benefit  everything  from 
workflow  to  asset  utilization. 

The  projects  also  demonstrate  technological 
innovation  across  nine  broad  segments:  appli¬ 
cations,  convergence,  e-commerce,  manage¬ 
ment,  security  servers,  storage,  WANs  and  wire¬ 
less.  On  one  side,  Reliant  Energy  in  Houston, 
pushed  application  boundaries  by  showing 
that  even  unstructured  data  created  by  word¬ 
processing  applications  can  comply  with  the 
Sarbanes-Oxley  Act.  On  another  side, 
Lockheed  Martin  managed  the  impossible  with 
an  outstanding  wireless  project.  In  an  organiza¬ 
tion  of  30,000  users,  most  of  whom  have  Wi-Fi- 
equipped  notebooks,  this  Bethesda,  Md., 
defense  contractor  locked  out  unwanted  wire¬ 
less  networks  and  other  rogue  wireless  uses. 

And  on  it  goes.  Network  executives  through¬ 
out  the  business  world  continually  undertake 
daring  and  innovative  projects  that  pay  off. 
Inside,  we  herald  50  such  projects,  inaugural 
winners  of  the  Enterprise  All-Star  Award. 


WINNERS  by  the  NUMBERS 


Number  of  projects  with  budgets 
less  than  $100,000. 


5 

12 
15 
1 
'  H 


Number  of  projects  with  budgets 
over  $1  million. 

Number  of  vendors  used  in 
more  than  one  project. 

Number  of  projects  reporting  more 
than  100%  ROI  in  the  first  year. 


Shortest  project  duration,  in  weeks 
(Fortis  Prime  Fund:  enterprise  iSCSI 
backup ). 

Total  number  of  vendors  used 
among  50  winning  projects. 
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Austin  Radiological  Association 

>  PAGE  72 

Beth  Israel  Deaconess  Medical 
Center  page  72 
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Bigari  Foods  >  page  76 
BNSF  Railway  -page  85 
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>  PAGE  76 

Citigroup  »  page  62 

Clark  County  School  District  >  page  56 

Coppin  State  University  >  page  56 

Covenant  Health  page  72 

Defense  Information  Systems  Agency  page  68 

Emerson  Process  Management  >  page  78 

Farm  Credit  Services  of  America  >  page  62 

Fidelity  Investments  >  page  62 

Fifth  Third  Bancorp  >  page  62 

Fortis  Prime  Fund  Solutions  >  page  62 

Freeze.com  >  page  87 

GMAC  Commercial  Holding  >  page  64 

Goodrich  Aerostructures  >  page  80 

H&R  Block  Financial  Advisors  >  page  64 

Intellidyn  »  page  87 

J.B.  Hunt  Transport  >  page  82 

Lake  Forest  Hospital  Foundation  page  72 

Lee  County  Sheriff’s  Office  >  page  68 

Lehman  Brothers  >  page  64 

Lockheed  Martin  >  page  80 

Medco  Health  Solutions  >  page  72 


MetroHealth  System  >  page  70 

Mine  Safety  and  Health 
Administration  >  page  66 

Mountain  States  Health 
Alliance  >  page  76 


National  Instruments 

>  PAGE  80 

Nook  Industries 

>  PAGE  80 

Novartis  >  page  76 

Parkview  Health  System  >  page  76 

Principal  Financial  Group  >  page  64 

Prudential  Financial  >  page  64 

Reliant  Energy  >  page  87 

School  District  of  Philadelphia  >  page  56 

South  Carolina  Department 
of  Revenue  >  page  68 

State  Street  >  page  58 

State  Street  Global  Advisors  >  page  64 

The  Weather  Channel  >  page  87 

The  Weather  Underground  >  page  86 

U.S.  Coast  Guard  Operations 
Systems  Center  >  page  68 

UMB  Bank  >  page  64 

United  Way  of  the  Texas 
Gulf  Coast  >  page  87 

University  of  Arkansas  >  page  56 

University  of  Miami,  Miller  School 
of  Medicine  >  page  56 

University  of  North  Carolina-Chapel  Hill 

>  PAGE  64 

West  Edmonton  Mall  »  page  74 
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>ChoosingtheEnterprise  All-Stars 

The  process  of  selecting  Network  World’s  Enterprise  All-Star  Award  winners  involved  the  work  of  13  editorial 
judges  over  the  course  of  two  months.  We  solicited  nominations  via  e-mail  invitations,  Web  site  announcements, 
online  forms  and  other  methods.  Judges  rated  each  of  the  200  nominated  projects  on  a  five-level  scale,  looking  at 
scope  and  how  well  the  nominated  company  applied  technology  to  solve  a  business  problem,  among  other  crite¬ 
ria.  High-scoring  projects  advanced  to  a  final  round  in  which  judges  rated  them  on  technology  innovation  and  the 
project's  value  as  an  industry  example. 

Watch  for  updates  on  our  2006  All-Star  competition  at  www.networkworld.com;  DocFinder:  9823. 
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Secure  Management  Appliance 

Seamlessly  integrate  equipment  connected  by 

console  servers,  KVMs  and  remote  power  managers. 

•  Consolidate  management  of  IT 
infrastructure  from  a  central  point  of 
access  through  a  simple  browser  interface 

•  Reduce  equipment  maintenance, 
diagnosis  and  repair  time 


Remote  Power  Managers 


Remote  KVM“vialP 

Manage  an  entire  room  full  of  Windows  and  Linux  servers 
from  a  single  desktop,  from  anywhere  over  the  Internet. 

•  Eliminate  need  for  multiple  keyboards, 
monitors  and  mice 

•  No  client  software  required 


Stay  cool. 
Be  remote. 


Secure  Console  Managers 

Remotely  manage  Linux™,  Unix®  and  Windows®  2003 
servers,  routers,  switches,  telecom  and  building 
access  equipment,  complete  with  BIOS-level  control. 

•  Respond  faster  and  reduce  downtime 

•  Consolidate  resources  and  minimize  costs 


Lantronix  Lets  You  Control  Your  Data  Center  From  Anywhere  - 
Without  Breaking  A  Sweat. 

Are  you  going  to  blow  your  cool  sweating  over  racks,  loading  software,  checking 
power  and  rebooting  computers  when  there’s  sooooo  many  better  things  to  do  in  life? 


Control  the  power  individually  to  every 
device  in  the  data  center  via  a  web  browser. 

•  Reboot  systems  remotely 

•  Ensure  safe  power  distribution  and  reduce 
in-rush  overload 


Don’t  bother.  You  just  need  Lantronix. 

With  SecureLinx  and  its  “lights  out”  remote  data  center  management,  you’re  in  total 
control  of  your  servers  and  IT  equipment  from  a  single  interface,  from  anywhere  at  any  time  — 
just  the  way  you  like  it.  Plus,  you  get  total  out-of-band  access  if  the  network  is  down. 

Thousands  of  customers  give  Lantronix  props  for  security,  reliability  and  performance. 

And  only  Lantronix  gives  you  a  NIST-certified  implementation  of  the  Advanced  Encryption 
Standard  (AES)*  plus  SSL  and  SSH.  With  more  than  fifteen  years  of  experience  and  millions 
of  networked  devices,  we’ve  got  your  back.  Lantronix  makes  it  easy  to  stay  cool. 

*NIST-certified  implementation  of  AES  as  specified  by  FIPS-197. 

©  Lantronix,  Inc..  2005.  Lantronix  is  a  registered  trademark,  and  SecureUnx  is  a  trademark  of  Lantronix,  Inc.  All  other  marks  are  property  of  their  respective  owners. 


LJ  Get  your  Secure 
Remote  Management 
White  Paper  at 

www.lantronix.com 


LANTRONIX 

Network  anything.  Network  everything.™ 


www.lantronix.com  I  800.422.7055 
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SUSE™  LINUX 
Enterprise  Server 


Define  Your  Open  Enterprise.™ 


What  does  Open  mean  to  you?  Community?  Security?  Risk? 
Reward?  Can  it  leverage  legacy  systems?  Consolidate  and 
simplify?  Do  you  believe  in  its  power  and  potential? 

Introducing  Novell®  software  for  the  open  enterprise™ — 
the  only  software  that  makes  Open  work  for  you.  From 
desktop  and  data  center  to  identity  management,  resource 
management  and  collaboration,  our  flexible  combination  of 
open  source  and  commercial  software  delivers  more  than 


you  ever  imagined.  The  power  to  automate  IT  asset 
management.  Freedom  from  single  vendor  lock-in.  Security 
that  keeps  the  right  information  safe  and  the  right  people 
informed.  And  the  ability  to  connect  people  to  performance 
and  business  to  possibilities.  So  you  can  build  an  open 
enterprise  that  makes  sense  for  you  —  and  your  future. 
This  is  Novell  software  for  the  open  enterprise.  The 
Open  you’ve  wanted  all  along. 


Novell* 

This  is  your  open  enterprise.™ 

www.novell.com 


Copyright  ©  2005  Novell,  Inc.  All  Rights  Reserved  Novell,  the  Novell  logo.  ZENworks  and  GroupWise  are  registered  trademarks;  SUSE. 
This  is  your  open  enterprise,  Software  tor  the  open  enterprise  and  Deline  your  open  enterprise  are  trademarks  ol  Novell.  Inc.  in  the 
United  States  and  other  countries.  All  third-party  trademarks  are  the  property  ot  their  respective  owners. 
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Education  must  secure  a  highly  PC-literate  and 
demanding  user  base  while  supporting  bandwidth- 
hungry  learning  applications  and  a  free  flow  of 
ideas.  These  challenges  make  the  seven  Enterprise 
All-Star  projects  chock-full  of  great  connectivity 
initiatives  and  cutting-edge  security  strategies. 


EDUCATION 


An  IDEAL  education 

"k  Arizona  State  University  gets  an  A+  for  building  a  unique 
portal  that  promises  sweeping  educational  change. 


Ultimately,  Hinojosa  and  as  many  as  1  mil¬ 
lion  other  students  will  have  access  to  the 
IDEAL  portal,  enabled  with  the  open  source 
uFortal  software.  For  now,  300,000  students  are 
authorized  to  log  on  to  IDEAL  to  check  out 
sample  tests;  coursework  is  not  yet  available 
but  will  be  soon. 

In  addition  to  the  students,  the  state’s  60,000 
K-12  teachers  have  access  to  the  portal,  not 
only  to  provide  supplemental  coursework  but 
also  for  links  to  student  demographics,  im¬ 
provement  guidelines,  grades  and  bench¬ 
marks.  Teachers  manage  coursework  on 
IDEAL  through  Sakai,  an  open  source  course 
management  and  collaboration  application. 

The  focus  of  this  innovative  educational  ini¬ 
tiative  is  to  use  technology  to  enable  lifelong 
learning,  says  Sam  DiGangi,  assistant  vice  pro¬ 
vost  for  IT  at  Arizona  State  University  (ASU),  in 
Tempe.“IDEAL  is  not  just  access  to  a  Web  site, 
but  accounts  that  will  stay  with  students 
through  their  schooling  and,  conceivably  their 
entire  career^’  he  says. 

ASU  is  building  the  IDEAL  network  per  a 
contract  with  the  Arizona  Department  of  Edu¬ 
cation,  which  has  invested  $5  million  in  the 
network.  ASU  contributes  technical  and 
staffing  resources. The  university  is  phasing  in 
access  on  a  rolling  basis,  with  all  students  ex¬ 
pected  to  have  authority  to  use  the  portal  by 
next  August. 

For  its  leadership  role  in  this  groundbreaking 
K-12  learning  network,  ASU  earns  recognition 
as  a  2005  Enterprise  All-Star. 


Quick  tats 


/IEDIAN  PROJECT  DURATION: 

12  months 

MEDIAN  PROJECT  BUDGET: 

$1.5  million 

noteworthy:  Project  budg¬ 
ets  in  this  category  ranged 
from  $100,000  to  $32  million, 
the  highest  on  the  All-Star  list. 


>  Jack  HSU,  IS  director 
(left),  and  Sam  DiGangi, 

assistant  vice  provost  for  IT. 
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-  B>  D  E  N  I  CONNOR- 

A  M  hen  3-year-old  Elias  Hinojosa  goes  to  kindergarten  in  Tucson,  Ariz.,  he’ll  have  more  than  crayons,  paper  and  paste 
at  his  disposal.  He’ll  also  have  access  to  a  host  of  interactive  educational  tools,  thanks  to  a  state-sponsored  Web  por- 
W  W  tal  built  and  managed  by  Arizona  State  University. 

From  kindergarten  through  12th  grade,  Hinojosa  will  head  to  the  Integrated  Data  to  Enhance  Arizona’s  Learning  (IDEAL)  por¬ 
tal  for  math  and  reading  practice  tests, supplemental  online  courses,  interactive  learning  exercises  and  state-required  advanced- 
placement  tests.  He’ll  also  turn  to  IDEAL  for  learning  materials,  coursework  and  video  resources  his  teachers  have  placed  there 
to  supplement  their  classroom  presentations. 


The  IDEAL  network 

With  more  than  1  million  potential  users, 
IDEAL  necessitates  a  heavy-duty  storage  in¬ 
frastructure.  At  the  heart  of  that  infrastructure 
are  two  Network  Appliance  FAS3020  file 
servers,  each  hosting  7T  bytes  of  structured 
and  unstructured  data. An  open  source  MySQL 
database,  which  runs  on  two  Sun  Fire  v40z 
servers,  hosts  the  IDEAL  data  repository  The 
NetApp  file  servers  and  Sun  database  servers 
See  Education,  page  56 


THE  ONLY  WAY  TO  DO  BUSINESS 
OUT  OF  THE  OFFICE  IS  WITH 
MULTIPLE  MOBILE  DEVICES. 


AVAyA 

COMMUNICATIONS 
AT  THE  HEART  OF  BUSINESS 


GET  YOUR  FREE  COPY  OF  “MOBILE  WORKFORCE  FOR  DUMMIES”  AT  AVAYA.COM/DUMMIES 


AVAYA  IP  TELEPHONY  GIVES  YOU 
SINGLE-DEVICE  MOBILITY,  LIKE 

HONE. 


©2005  Avaya  Inc.  All  Rights  Reserved.  Avaya  and  the  Avaya  Logo  are  registered  trademarks  of  Avaya  Inc.,  and  may  be  registered  in  certain  jurisdictions.  All  other  trademarks  are  the  property  of  their  respective  owners. 
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Education  continued  from  page  54 

connect  via  ASU’s  Gigabit  Ethernet  network,  to 
which  the  filers  connect  using  iSCSI.ASU  hosts  the 
IDEAL  application  servers  and  portal  software  on 
five  Linux-based  IBM  xSeries  336  servers,  and 
relies  on  switches  from  Cisco  and  F5  Networks  for 
load  balancing  and  network  connectivity 

“The  biggest  challenge  is  managing  the  authen¬ 
tication  and  authorization  of  students  and  teach¬ 
ers,”  says  Jack  Hsu,  director  of  IS  and  network  man¬ 
agement  at  ASU.“We  have  350,000  users  authenti¬ 
cated  and  authorized,  but  have  over  1  million 
overall  users  to  authorize.” 

To  authenticate  portal  visitors,  ASU  uses  the 
open  source  Central  Authentication  Service, 
developed  at  Yale  University  To  authorize  them,  it 
uses  an  internally  developed  program  called 
Enterprise  Dynamic  Network  Authorization.  ASU 
expects  to  dedicate  as  many  as  four  servers  to  the 
authentication  and  authorization  tasks. 

For  redundancy  and  fault  tolerance,  ASU  has  sit¬ 
uated  the  NetApp  file  servers  1,000  feet  apart. 
Although  the  file  servers  are  at  different  data  cen¬ 
ters,  ASU  plans  to  further  separate  the  two  for 
fuller  redundancy  Next  fall,  the  university  will 
move  one  of  the  file  servers  to  a  facility  in  down¬ 
town  Phoenix,  18  miles  away  DiGangi  says. 

The  file  servers  run  NetApp  SyncMirror  soft¬ 
ware,  which  mirrors  data  to  the  remote  server  in 
real  time.  If  a  failure  occurs, users  and  teachers  are 
switched  to  the  remote  system  without  disruption 
to  client  applications.  From  one  file  server,  ASU 
also  uses  SNAPmirror  to  mirror  data  to  a  NetApp 
NearStore  R200  for  archiving  purposes. 

ASU  has  equipped  each  filer  with  Serial 
Advanced  Technology  Attachment  (SATA)  drives 
instead  of  more  expensive  Fibre  Channel  drives, 
and  protects  those  drives  with  NetApp’s  RAID-DP 
(double  parity)  technology  for  increasing  data 
fault-tolerance. 

But  the  configuration  is  flexible  enough  that  if 
ASU  decides  the  SATA  drives  are  not  up  to  par,  it 
will  be  able  to  pop  in  Fibre  Channel  drives 
instead,  Hsu  says. 

ASU  keeps  costs  in  check  for  the  IDEAL  network 
by  using  technologies  such  as  iSCSI  and  open 
source  software. 

“Everything  in  this  project  is  open  source, so  that 
in  itself  is  a  huge  cost  savings,  not  just  in  initial  but 
in  ongoing  costs,"  Hsu  says,  noting  that  ASU  has 
been  running  Linux  for  three  to  four  years.'Then 
we  used  iSCSI,  which  really  makes  our  costs  go 
down.  All  the  Fibre  Channel  expenses  add  up. 
We've  saved  a  few  hundred  thousand  right  there.” 

iSCSI  also  will  save  money  in  support  costs,  Hsu 
says.  “ISCSI  is  just  like  Ethernet  from  the  support 
perspective  —  and  we  already  have  people  who 
know  how  to  manage  Ethernet.” 

So  for  Hinojosa,  if  all  goes  as  planned,  a  lifelong 
relationship  with  IDEAL  is  in  the  future  (or  at  least 
as  long  as  his  parents  stay  in  Arizona).  ■ 


>MoreEducationAll-Stars 

CLARK  COUNTY  SCHOOL  DISTRICT 

•  project  lead:  Philip  Brody,  CTO 

•  technology  focus:  Convergence  —  VoIP 

This  Las  Vegas  school  district  has  undertaken  a  massive  IP  telephony  project  aimed  at  placing  a  phone  in 

every  classroom  to  improve  parent-teacher  communication  and  school  safety  Ultimately  the  $32  million  proj¬ 
ect  will  entail  27,000  phones  at  317  sites,  providing  a  standard  set  of  features  and  E91 1  across  the  network. 
Clark  County  School  District  expects  to  save  $1.5  million  to  $2  million  annually  in  administrative  and  operational 
costs  vs.  the  spending  required  for  a  Centrex  alternative.  With  help  from  Verizon,  CCSD  built  the  VoIP  infrastructure 
on  top  of  a  Gigabit  Ethernet  WAN  using  Alcatel’s  OmniPCX  Enterprise  IP  phone  system. 

COPPIN  STATE  UNIVERSITY 

•  project  lead:  Ahmed  El-Haggan,  vice  president  of  IT  and  CIO 
•  technology  focus:  Convergence  —  VoIP  and  wireless  LAN 

a  multifaceted,  $1.5  million  project,  this  Baltimore  university  deployed  a  converged  IP  infrastructure 
supporting  all  voice,  data  and  video  applications  over  a  secure  Gigabit  Ethernet  backbone.  A  cam¬ 
puswide  wireless  LAN  (WLAN)  supports  indoor  and  outdoor  mobile  access.  Coppin  State  has  loaded 
up  “smart  classrooms’’  with  audio,  video,  computer  and  other  tools  that  it  can  centrally  monitor  and  manage.  Should 
equipment  be  removed  from  one  of  these  classrooms,  facilities  managers  are  immediately  notified  via  their  wireless 
802. 1 1  phones.  The  university  uses  Nortel  gear,  including  its  Ethernet  Routing  Switches,  the  Threat  Protection 
System,  switched  firewalls,  VPN  gateway  application  switches  and  CallPilot  for  unified  messaging.  Coppin  State  says 
the  network  transformation  has  helped  it  boost  enrollment  and  land  new  grants  and  financial  support  from  alumni. 


SCHOOL  DISTRICT  OF  PHILADELPHIA 

•  project  lead:  Bob  Westall,  executive  director,  technology  services 

•  technology  focus:  Convergence  —  Optical  Ethernet  infrastructure,  IP  telephony 


VP  VPk  VPoptical  Ethernet  backbone  is  enabling  the  School  District  of  Philadelphia  to  meet  its  new 1  ’Every 

Child  is  Connected’’  initiative.  Powering  the  network  are  Nortel’s  Ethernet  Routing  Switch  8600  and 
Ethernet  over  SONET  through  Resilient  Packet  Ring  on  an  Optical  Metro  3500  SONET  platform.  IP 
voice  calls  pass  onto  the  optical  backbone  via  IP  PBXs  connected  to  the  Ethernet  switches.  The  SDP  has  connected  its 
264  schools,  delivering  1 ,000  times  the  bandwidth  previously  available.  The  SDP  now  provides  in-class  videoconfer¬ 
encing,  streaming  video,  virtual  schooling  and  voice  messaging,  among  other  applications.  In  addition,  students  can 
connect  from  home,  teachers  can  support  real-time,  online  exams  and  grading,  and  parents  can  access  online  student 
records.  SDP  has  invested  tens  of  millions  of  dollars  in  the  network.  It  expects  to  recoup  the  cost  within  three  years. 


UNIVERSITY  OF  ARKANSAS 

•  project  lead:  Craig  Brown,  associate  director  for  computing  services 
■  technology  focus:  Wireless  —  wireless  mesh  network 

The  IT  team  at  this  university  faced  a  big  challenge  when  searching  for  ways  to  deliver  wireless  connectivity 
from  any  spot  on  this  wooded,  hilly  campus  in  Fayetteville,  Ark.  After  ruling  out  hard-wired  access  points  as 
physically  infeasible,  the  IT  team  decided  on  a  wireless  mesh  network.  With  a  $100,000  investment,  the 
University  of  Arkansas  built  a  wireless  mesh  network  and  opened  Internet  and  e-mail  access  to  the  16,000-member 
student  body  across  nearly  all  of  the  main  campus.  The  university  deployed  Nortel’s  Wireless  Access  Point  7220  with 
auto-discovery  and  self-routing  technology  plus  the  Wireless  Gateway  7250,  which  enables  user  mobility  and 
secures  data  on  the  network.  The  network  also  provides  connectivity  for  public  safety  officers. 


UNIVERSITY  OF  MIAMI,  ImLliEIFSCHOOL  OF  ftHyuCINE 

•  project  lead:  Chris  Bogue,  IT  director  and  information  security  officer 

•  technology  focus:  Wireless  —  wireless  LAN 


I  executives  at  the  University  of  Miami,  Miller  School  of  Medicine  have  a  goal  to  provide  secure  wireless 
coverage  through  the  sprawling  medical  center  for  guest  users,  registered  users,  mobile  carts,  PDAs 
JL  ■■  and  voice  services.  IT  has  established  a  "community  cloud,"  providing  1 .5  square  miles  of  outdoor  wire¬ 
less  coverage  for  a  wide  range  of  facilities.  Within  the  next  two  years,  the  IT  leaders  expect  a  pervasive  network  will 
carry  700  to  2,000  wireless  connections  on  a  sustained  basis.  The  medical  school  has  invested  more  than  $800,000 


See  Education,  page  64 
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At  Business  Objects,  we  discovered  the  difference  Postini  could  make  when 
the  Sobig  virus  hit.  Email  servers  protected  by  Postini  were  unaffected.  Not 
so  with  the  freeware  product  we  had  been  using.  So  switching  to  Postini  was 
simply  a  smart  move.  Now  we’ve  locked  down  our  email  communications 
worldwide  with  Postini’s  secure  eihtlj.  boundary  services.  We  consider 
Postini  a  trusted  partner  in  our  holistic  approach  to  email  security — saving 
both  time  and  money. 

AARON  BARAK,  ARCHITECT-GLOBAL  DIRECTORY  AND  MESSAGING  SERVICES 

BUSINESS  OBJECTS,  SAN  JOSE,  CALIFORNIA 
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91  The  financial  services  industry  has  long  been 
1  among  the  most  intense  consumers  of  new  tech- 


-art 


s  business-centered  management,  Web  services 
or  efficient  converged  networks. 
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FINANCIAL 


Quick  S 

★  MEDIAN  PROJECT  DURATION 

12  months 

★  MEDIAN  PROJ  T  BUDGET: 

$160,000 

★  noteworthy:  With  13  win¬ 
ners,  financial  services  com¬ 
prises  26%  of  the  All-Star  list. 


est  availability  service  model,  provides  two 
routers  for  dual-carrier  connectivity,  says  Steve 
White,  vice  president  of  network  architecture 
and  design  at  the  Boston  company  With  Silver, 
two  routers  connect  into  a  single  carrier  net¬ 
work,  with  ISDN  for  recovery  he  says. 

As  of  April,  State  Street  has  tied  its  eight  data 
centers,  90  global  offices  and  more  than  250 
clients  to  the  new  network,  with  nary  a  hiccup. 

Validation  first,  contract  second 

Bither  and  State  Street  network  engineers 
were  thorough  in  plotting  State  Street’s  migra¬ 
tion  from  the  multicarrier  frame-relay  network 
it  managed  internally  to  the  MPLS  architecture 
it  would  rely  on  carriers  to  manage.  Before  they 
signed  a  contract,  they  wrote  an  architectural 
white  paper  for  carriers,  conducted  115  refer¬ 
ence  calls  and  spent  10  months  gathering  data 
on  the  carriers’  global  networks.  They  selected 
AT&T  and  MCI  in  November  2003,  but  didn’t 
ink  the  contract  until  four  months  later.  In  the 
interim,  State  Street  officials  completed  terms 
and  conditions  and  set  aggressive  service-level 
agreements  with  the  partners. 

In  another  eight  months  of  heads-down  engi¬ 
neering,  the  MPLS  team  replicated  the  State 
Street  WAN  with  a  72-router  lab  environment, 
and  reverse-engineered  the  carriers’  MPLS  net¬ 
works  on  that  simulated  backbone.  Before  it 
turned  on  the  first  site  in  October  2004,  the  proj¬ 
ect  team  validated  all  design  models  and  thor¬ 
oughly  tested  the  MPLS  architecture.“We  had  a 
very  structured  understanding  of  what  we 
wanted  to  do,”  White  says.  “When  the  carriers’ 
core  engineers  came  here,  we  solved  complex 
problems  together,  but  we  drove  everything.” 

From  the  get-go,  the  project  team  understood 
that  this  new  network  would  have  to  rely  on 
enabling  technologies, such  as  QoS.That  way  if 
a  business  manager  asked  for  videoconferenc¬ 
ing,  White  could  say, “No  problem.  We  can  do 
that  today  because  we  have  QoS,  and  avail¬ 
ability  is  baked  into  the  architecture.” 

In  the  frame-relay  days,  a  videoconferencing 
request  could  have  sent  engineers  scrambling 
See  Financial,  page  62 


>  Gordon  Bither,  senior  vice  president,  integrated  network  solutions,  State  Street  (at  left),  with  his  vice 
presidents  of  network  architecture  (left  to  right):  Richard  Hamm,  Steve  White  and  Paul  Sullivan. 

-By  BETH  SCHULTZ- 

Wien  it  comes  to  its  next-generation  network  infrastructure,  State  Street  takes  no  shortcuts. 

Tie  devil  is  in  the  details,” says  Gordon  Bither, senior  vice  president  for  integration  network  solutions  at  State  Street, 
1  world’s  largest  institutional  investment  firm  with  $9.8  trillion  in  assets  under  custody 
Such  an  attitude  led  State  Street  to  create  a  MPLS  network  for  carrying  converged  voice,  data  and  video  simultaneously  over 
two  carrier  networks,  dubbed  an  active/active  architecture.  With  active/active,  traffic  travels  the  shortest  routing  path,  jumping 
from  one  carrier  network  to  the  other  as  necessary. 

Detail-mindedness  also  led  State  Street  to  create  six  standardized  architectural  models  for  funneling  traffic  from  global  offices 
to  its  data  centers  ,and  eight  models  for  client  connectivity  Among  the  client  models  are  Gold  and  Silver  options.  Gold,  the  high- 
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Introducing  the  EtherScope™  Network  Assistant 
-  your  eyes  into  the  network  to  help  you  spot 
problems  and  solve  them  faster  than  ever.  You 

don't  have  time  for  trial  and  error.  Or  methods 
that  only  provide  part  of  the  picture.  That's  why 
Fluke  Networks'  new  EtherScope  analyzer,  with  its 
immediate  discovery  and  fast  diagnostics,  helps 
you  quickly  isolate  urgent  problems  on  your  giga¬ 
bit  network  as  well  as  those  nagging  issues  that 
may  be  keeping  it  from  performing  at  optimum 
level.  Fast.  Accurate.  EtherScope.  So  you'll  have 
more  time  to  get  to  the  several  dozen  items  on 
your  "to  do"  list.  Visit  our  web  site  and  check  out 
the  virtual  demo.  Then  request  a  test  drive  in  your 
office  -  on  your  network.  Decide  for  yourself 
whether  or  not  EtherScope  Network  Assistant  will 
be  your  next  new  hire. 


EtherScope™ 
Network  Assistant 


NETWORKSUPERVISION™ 


Your  network  assistant  is  waiting 
to  show  you  what  it  can  do  to  help 
make  your  job  easier.  Just  go  to 


www.flukenetworks.com/escope 
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sTget  the  facts. 


RAYOVAC  CHOSE  WINDOWS  SERVER  SYSTEM  AND  EXPECTS  TO  SAVE 
NEARLY  ONE  MILLION  DOLLARS. 


"By  choosing  Windows  Server™  over  Linux  for  our  new  SAP  APO  solution,  well  save  an 
estimated  one  million  dollars  in  software,  staffing,  and  support  costs  over  the  first  four  years. 
We  needed  performance,  security  enhancements,  and  reliability  at  a  reasonable  price, 
and  Linux  would  have  presented  additional  risks  in  all  of  those  areas.  It  may  be  the  new 
thing  from  a  technical  perspective,  but  Linux  doesn't  cut  it  from  a  business  perspective — 

I  need  a  proven  IT  environment  that  I'm  sure  we  can  support." 

-Rick  Dempsey,  Chief  Information  Officer,  Rayovac 
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Financial  continued  from  page  58 

to  come  up  with  a  custom  approach  for  involved  sites.  The  frame- 
relay  network  had  become  overly  complex  and  inefficient, growing  as 
a  series  of  these  point  solutions,  Bither  explains.  Ultimately,  about  18 
service  providers  —  one  international  and  many  regional  carriers  — 
provided  the  connectivity  for  that  aged  hub-and-spoke  architecture. 

In  2002,  the  frame-relay  network  situation  had  become  untenable. 
The  WAN  had  become  a  constant  in  the  company's  daily  report  on  IT 
problems,  and  it  was  negatively  affecting  business.  Bither  relates  his 
experience:"  [The  report]  would  come  out  at  8  a.m.,and  1  would  get 
a  call  from  the  CIO  shortly  thereafter  to  address  the  WAN  issues.” 

As  network  executives  began  thinking  about  architectural  options, 
MPLS  topped  everyone’s  minds. “MPLS  was  always  our  desired  goal, 
with  convergence  in  mind,”  Bither  says. 

Also  clear  to  Bither  and  the  executive  management  team  was  that 
State  Street  needed  to  get  out  of  the  business  of  managing  its  WAN 
services.  “By  outtasking  WAN  [moves,  adds,  changes,  delete]  work, 
addressing  and  those  types  of  jobs,  I  was  able  to  hire  higher-level 
resources  who  understand  the  overall  architecture  and  the  business,” 
he  says.“We  maintain  the  thought  leadership  and  allow  others  to  do 
the  repeatable  process  as  a  managed  service.” 

With  its  months  of  net  modeling, State  Street  made  sure  its  managed 
services  providers  could  handle  the  job. “The  success  of  a  managed- 
services  environment  is  to  design  your  environment  around  the  man¬ 
aged  service. Your  models  and  your  architecture  need  to  support  the 
service  providers  ability  to  provide  what  you’re  looking  for  White  says. 

But  Bither  didn’t  want  to  be  too  rigid:“You  can’t  demand  something 
of  a  service  provider  that  a  service  provider  can’t  provide,”  he  says. 


>MoreFinancialAll-Stars 

CITIGROUP 

•  project  leads:  Executives  with  Citibank  Technology  Infrastructure 

■  technology  focus:  Management  —  configuration  and  change  management 

a  $1 .5  million  project,  Citigroup  wanted  to  find  a  product  that  could  provide  all 
the  reporting,  governance,  inventory  and  configuration  functions,  such  as  rollout 
and  rollback,  that  it  had  been  doing  manually  while  instituting  workflow  and 
process  best  practices.  Citigroup  selected  AlterPoint's  DeviceAuthority  change  and  configura¬ 
tion  management  software,  and  is  already  reporting  benefits.  For  example,  it  has  reduced  the 
time  required  to  manage  access  lists  across  devices  from  about  five  staff  members  working 
three  days  to  one  working  fewer  than  seven  hours.  It  also  nearly  eliminated  manual  remediation. 
The  New  York  global  giant  has  44,000  network  devices,  in  support  of  300,000  employees. 

FARM  CREDIT  SERVICES  OF  AMERICA 

•  project  leri):  Beth  Schmidt,  director,  application  development 

■  technology  focus:  Applications  —  CRM  integration 

arm  Credit  Services  of  America,  a  provider  of  credit  services  for  farmers  in  Omaha, 
Neb.,  undertook  a  $1.3  million  project  to  build  a  Microsoft  .Net  Framework-based  appli¬ 
cation  that  creates  a  single  integration  point  for  four  customer-related  systems.  The 
application,  called  Pinwheel,  has  increased  employee  productivity  by  70%.  The  firm  uses 
Microsoft's  BizTalk  Server  2004  Enterprise  Edition  to  manage  and  exchange  data  among  the 
systems.  Previously,  such  updates  meant  running  lengthy  batch  processes  nightly. 


•  project  lead:  Joe  McKenna,  vice  president  of  architecture  and  engineering 
-  technology  focus:  Management  —  business  services  management 


A  standardized,  supercore  model 

State  Street’s  due  diligence  in  designing  the  fully  managed, dual-car¬ 
rier,  active/active  MPLS  network  has  paid  off  —  time  and  again.  More 
than  once,  either  the  AT&T  or  MCI  portion  of  State  Street’s  global 
MPLS  network  has  failed,  with  no  impact  on  the  customer,  because 
traffic  is  load  balanced  across  the  networks,  Bither  says.“No  one  has 
known, and  I  like  it  that  way’he  adds. 

Plus,  with  the  day-to-day  tasks  out  of  the  way  Bither’s  network  spe¬ 
cialists  can  focus  on  how  to  capitalize  on  MPLS.  They’re  implement¬ 
ing  multicasting  and  VoIP  from  Cisco,  for  example. 

State  Street  leverages  a  supercore  architecture  interconnecting 
redundant  hubs  in  eight  global  locations.  Each  node  comprises  vari¬ 
ous  Cisco  switches  —  from  the  high-end  Catalyst  6500s  to  the  low-end 
3700s.  Traffic  from  metro  Ethernet  LANs  is  consolidated  within  the 
supercore  hubs,  which  themselves  are  linked  over  a  dual-carrier 
dense  wavelength  division  multiplexing  network.  This  model  facili¬ 
tates  State  Street’s  ability  to  control  routing  within  a  region  while 
maintaining  any-to-any  connectivity  across  the  globe,  White  says. 
“Although  there  is  complexity  associated  with  this,  we’ve  kept  the 
design  as  simple  as  possible  and  have  driven  out  human  interven¬ 
tion”  by  establishing  highly  structured  repeatable  processes  and  the 
14  standardized  architectural  models,  he  adds. 

The  MPLS  project  team  rarely  needs  a  custom  approach  for  any 
business  request,  a  huge  improvement  over  the  frame-relay  days, 
Bither  notes.  Obviously,  this  also  means  productivity  has  skyrocketed 
—  “all  that’s  required  is  a  quick  look  to  make  sure  the  bandwidth  is 
properly  engineered,”  he  says.  What’s  more,  in  the  six-plus  months 
since  the  network  went  live,  it  hasn’t  once  appeared  in  a  daily  prob¬ 
lem  report,  and  response  times  have  improved  10%  to  25%  globally 

State  Street’s  project  proves  again  that  a  n o^hort-cut  approach  is 
often  the  fastest  route  to  improvement.  ■ 


Fidelity  Investment’s  critical  IT  infrastructure  includes  more  than  150  F5  Networks  load- 
balancers  managing  more  than  35,000  endpoints,  which  produce  more  than  45  million 
daily  page  loads.  Fidelity’s  Integrated  Monitoring  Center  (IMC)  carries  the  burden  of 
keeping  this  online  environment,  for  trading  and  other  applications,  running  smoothly  24/7.  IMC 
recently  implemented  a  business  services  management  (BSM)  strategy  via  Managed  Objects’ 
End-to-End  Service  Manager.  This  BSM  tool  consolidates  and  correlates  network  and  systems 
management  information  into  a  single,  real-time  centralized  view,  enabling  the  IMC  to  mitigate 
problems  quickly  With  the  tool,  the  IMC  can  direct  the  load  balancers  to  divert  traffic  around 
trouble  spots.  This  can  take  as  few  as  five  seconds  vs.  the  60  minutes  of  old.  Benefits  to  the 
Boston  firm  include  increased  productivity  and  improved  customer  satisfaction. 


FIFTH  THIRD  BANCORP 

•  project  leri):  James  Lancaster,  vice  president 

■  technology  focus:  Management  —  integrated  application  management 


Fifth  Third  Bancorp  set  out  to  improve  the  way  it  detects  and  analyzes  root  causes  and 

correlates  events  on  its  40,000-node  network.  It  turned  to  EMC  Smarts,  which  integrates 
several  applications  to  provide  a  unified  view  across  IT  domains  and  automated  root- 
cause  analysis.  Additionally  Smarts  integrates  with  the  bank’s  Remedy  help-desk  system,  for 
automated  trouble-ticketing.  The  financial  services  firm  in  Cincinnati  has  cut  the  time  it  takes  to 
resolve  network  outages  by  40%.  The  implementation,  including  new  hardware,  cost  $160,000. 


FORTIS  PRIME  FUND  SOLUTIONS 

•  project  lead:  Chuck  Thompson,  IT  and  facilities  manager 
-  technology  focus:  Storage  —  iSCSI  for  backup 


ma  one-week,  $100,000  project,  Fortis  Prime  Fund  Solutions  reduced  back-up  time 
by  30%,  significantly  improving  business  continuity  and  data  availability  at  offices 
in  North  America,  the  Caribbean  (IT  operates  from  Grand  Cayman  Island)  and 
Europe.  To  do  so,  this  mutual  fund  administrator  implemented  an  enterprise-scale  iSCSI-based 
storage-area  network  (SAN)  along  with  automated  data  replication  and  provisioning  tools.  The 
IT  team  can  now  focus  back-up  and  replication  efforts  only  on  data  that  is  likely  to  change, 
while  provisioning  static  data  to  separate  volumes  on  the  SAN,  built  using  EqualLogic’s  PS  Array. 


See  Financial,  page  64 


ADVERTISEMENT 


SSL  VPN  Grows  Up 

SSL  is  becoming  the  VPN  technology  of  choice,  with  products  from  vendors  like  Array  Networks  delivering 

high  performance,  ease  of  use  and  cutting-edge  security  —  at  a  low  cost. 


K  wasn’t  long  ago  that  the  Secure 
Sockets  Layer  (SSL)  protocol  was 
used  chiefly  as  a  means  of  providing 
secure  connections  to  Web  sites, 
such  that  consumers  would  feel  com¬ 
fortable  sending  their  credit  card  and  other  per¬ 
sonal  data  over  the  Internet.  Today,  SSL  is  increas¬ 
ingly  being  used  for  corporate  virtual  private  net¬ 
works  (VPNs)  providing  secure  access  to  various 
corporate  resources  for  an  organization’s  own 
users  as  well  as  customers  and  business  partners. 

SSL  VPNs  are  being  deployed  as  an  alternative  to 
VPNs  based  on  the  IP  Security  (IPSec)  protocol, 
and  with  good  reason.  SSL  VPNs  are  far  easier  to 
deploy  because  they  require  only  a  Web  browser 
to  be  present  on  the  client  machine.  IPSec  requires 
client-side  software,  which  means  IT  must  "touch” 
every  client  that  is  to  participate  in  the  VPN. 

SSL  VPNs  also  provide  more  security  options.  If  a 
computer  connected  via  IPSec  is  infected,  it  can 
quickly  infect  the  rest  of  the  network.  SSL  VPNs 
from  companies  such  as  Array  Networks  act  as  a 
full  reverse  proxy,  creating  a  “virtual  divide.”  The 
user’s  session  is  terminated  at  the  VPN  device,  so 
the  user  never  has  a  presence  on  the  network.  That 
enables  the  system  to  ferret  out  and  drop  suspi¬ 
cious  connections  before  they  do  any  damage. 

At  the  same  time,  today’s  SSL  VPNs  offer  more 
functionality  than  the  previous  generation,  such  as 
highly  configurable  access  control  capabilities  that 
include  a  security  health  check  on  each  client, 
improved  manageability  without  costly  agents  on 
each  end  point,  and  the  ability  to  provide  access  to 
virtually  any  corporate  IT  resource,  from  applica¬ 
tions  to  printers. 

An  Exploding  Market 

Customers  are  getting  the  message.  I  DC  says  the 
market  for  SSL  VPN  appliances— the  most  preva¬ 
lent  form  of  SSL  VPN— was  $200  million  in  2004, 
up  an  “incredible”  172%  from  the  prior  year.  By 
2009,  IDC  estimates  the  market  will  reach  nearly 
$900  million  in  revenue,  a  compound  annual 
growth  rate  of  35%  from  2004. 

In  its  March  2005  report  on  the  SSL  VPN  market, 
IDC  says  it  believes  the  market  for  clientless  solu¬ 
tions  will  be  “extremely  dynamic”  in  coming  years, 
with  "exceptional  growth,  predicated  on  continued 
deployment  of  Web-based  remote  access  applica¬ 
tions  and  services.”  But  growth  won’t  be  limited  to 
remote  access;  SSL  VPN  use  within  a  corporate 
LAN  will  likewise  greatly  expand  as  companies  seek 
to  provide  tighter  access  controls  to  corporate 
resources  from  within  their  own  walls,  IDC  says. 

Given  the  expanded  role  that  SSL  VPNs  are  now 
playing,  researchers  at  Frost  &  Sullivan  even  came 
up  with  a  new  name  for  the  product  category: 
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Features/Benefits 

Requires  only  common 
Web  browser  for  secure 
access 

Client-side  security 
downloaded  on-the-fly 

•  Host  checking 

•  Cache  cleaning 

•  Secure  desktop 


Multi  VPN  capability 

•  Webified  applications 

•  Client/server 

•  File  sharing 

•  Layer  3  VPN 

•  IPSec  migration 


Evolving  to  Universal  Access  with  SSL  VPN 


•  Home 

telecommuters 

•  Small  office/ 
home  office 


•  Mobile  users 

•  Hotels 

•  Airports 

•  Kiosks 

•  Roaming 
PDA  &  cell 


•  Branch  office 

•  Franchise  store 

•  Remotely  hosted 
applications 
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1  Partners 


•  Customer 
A,  B,  C,  D 


SSL 


SSL 


SSL 


Internet 


Granular  access  control 


•  Authentication 

•  Authorization 

•  Auditing 


SSL 


Purpose-built  platform 

•  Remote/local  access 

•  Up  to  64,000 
concurrent  users 

•  Lower  latency  than 
IPSec 

•  Integrated  firewall 

•  Security-hardened  OS 

•  High  availability 

•  Application  filtering 


Local 

users 


Unique  solutions 

•  Citrix  replacement 

•  Web  resource  mapping 

•  E-mail  proxy 

•  256  virtual  portals 

•  Application  acceleration 

•  Intelligent  desktop 
management 
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Network-to-network 

connection 
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Remote  or 
hosted 

resources  and 
applications 


Resource  Gateway. 

Frost  &  Sullivan  argues  that  the  term  “SSL  VPN” 
doesn’t  adequately  describe  what  products  in  the 
category  do.  From  an  enterprise  user’s  perspec¬ 
tive,  the  objective  is  to  provide  “a  means  to  control 
and  optimize  end  user  interactions  with  useful 
resources,”  Frost  &  Sullivan  says  in  its  August  2005 
report  on  SSL  VPN’s.  Those  resources  can  include 
not  only  business  applications,  but  file  shares,  net- 
work-connected  devices  such  as  printers  as  well  as 
other  end  user  machines,  Frost  &  Sullivan  says. 

To  compare  the  various  products  in  the  market, 
Frost  &  Sullivan  rates  them  on  each  of  three  func¬ 
tional  requirements:  connectivity,  security  and  per¬ 
formance.  The  company  assigns  each  vendor  to 
either  the  lower  tier  or  upper  tier  in  each  category. 

Array  Networks  Shines 

Frost  &  Sullivan  puts  Array  Networks  in  the  top 
tier  in  each  of  the  three  categories.  The  Array  SPX 
Series  SSL  VPN  products  combine  three  attributes 
that  Frost  &  Sullivan  says  are  essential  for  success: 
scalability,  functional  extensibility  and  adaptability. 

In  terms  of  scalability,  Array’s  SPX  Series  sup¬ 
ports  up  to  64,000  users  and  100,000  simultane¬ 
ous  connections  per  device,  with  throughput  of  up 
to  850M  bit/sec— making  it  the  world’s  fastest  and 


most  scalable  SSL  VPN  product.  Array  Networks’ 
systems  perform  eight  times  faster  and  scale  12 
times  higher  than  the  nearest  competitor.  Array 
also  supports  as  many  as  256  virtual  portals  on  a 
single  system,  enabling  users  to  create  “instant 
DMZs”  that  segment  different  user  communities. 
All  this  adds  up  to  Array  delivering  the  lowest  total 
cost  of  ownership  to  its  customers. 

It  should  be  no  surprise,  then,  that  Array  prod¬ 
ucts  are  deployed  in  some  of  the  largest,  most 
demanding  organizations,  including  four  of  the 
world’s  top  10  banks,  five  of  the  top  10  communi¬ 
cations  service  providers  and  more  than  20  per¬ 
cent  of  the  Global  2000  enterprises. 

As  Michael  Suby,  a  senior  research  analyst 
with  Frost  &  Sullivan  and  the  author  of  its 
report  puts  it,  “Array  is  one  of  the  limit¬ 
ed  number  of  vendors  with  broad 
functionality  in  all  three  func-  . 

tional  categories— connec-  I  u  i 

tivity,  security  and  per-  _ 

formance  ’  ^  out  the  '"°r,d’s 

most  powerful  SSL 

VPN  solution  with  our 

FREE  trial  offer.  Go  to 

www.arraynetworks.net/freetrial 

or  call  1-866-MY-ARRAY  for  details. 
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GMAC  COMMERCIAL  HOLDING 

project  lead:  Mike  Sava,  assistant  vice  president, 
corporate  LAN/WAN  infrastructure 
technology  focus:  WAN  —  MPLS  network  for  backups 

MAC  Commercial  Holding's  MPLS  twist  is  its  use  of  the 
WAN  technology  —  and  traffic  shaping  —  to  enable  remote  office  back¬ 
ups.  IT  installed  remote  agents  on  each  server,  removed  existing  back-up 
software  and  did  away  with  local  media.  As  of  late  October,  IT  had  converted  95% 
of  its  44  U.S.  sites  to  central  backups  from  headquarters  in  Horsham,  Pa.,  dramati¬ 
cally  lowering  completion  time  for  file  operations  and  improving  productivity  IT 
expects  to  save  $400,000  in  the  first  year,  with  the  project  having  cost  $75,000. 

H&R  BLOCK  FINANCIAL  ADVISORS 

project  lead:  Scott  Thompson,  head  of  application  development,  Kansas  City 
technology  focus:  Applications  —  SOA  management 

H&R  Block  built  a  service-oriented  architecture  (SOA)  that  aggregates 
about  2.5  million  leads  each  tax  season.  After  qualifying  the  leads,  the 
Client  Acquisition  System  (CAS)  routes  them  to  financial  advisers  based 
on  specified  criteria.  The  CAS  team  uses  Tibco  Software's  BusinessWorks  to  man¬ 
age  the  execution  of  15  Microsoft  .Net  Web  service  requests  per  lead  (under  peak 
volume,  CAS  processes  more  than  4  million  Web  service  requests  a  day). 
AmberPoint's  SOA  management  tools  provide  a  centralized  view  into  all  services- 
based  interactions  and  automate  the  exception-handling  process.  The  project  has 
resulted  in  a  20%  reduction  in  development  costs,  streamlined  staffing  require¬ 
ments  and  improved  licensing  for  the  Detroit  tax  services  firm.  H&R  Block  cut  $2 
million  in  pending  license  fees  and  increased  cross-service  revenue  by  over  46%. 

LEHMAN  BROTHERS 

•  project  lead:  Tom  King,  chief  information  security  officer 
•  technology  focus:  Security  —  identity  management 

Lehman  Brothers  wanted  to  enforce  and  automate  user-access  rights  to 
better  meet  stringent  regulatory  and  privacy  requirements.  Using  Thor 
Technologies'  Xellerate  Identity  Manager  and  Total  Access  Control  provi¬ 
sioning  system,  this  New  York  investment  bank  now  provides  identity  manage¬ 
ment  for  more  than  22,000  users,  who  have  more  than  400,000  unique  system 
accounts  across  1 ,400  business-critical  applications.  IT  can  set  up  new  user 
accounts  in  20  minutes  and  deny  user  access  in  60  seconds,  saving  1 .3  man- 
years  in  four  months  of  automated  provisioning  for  major  platforms  alone. 


PRINCIPAL  FINANCIAL  GROUP 

project  lead :  Jim  Wittry,  IS  network  administration 
technology  focus:  Security  —  SSL  VPN 

With  74%  of  employees  spending  at  least  one  hour  each  week  working 
remotely,  Principal  Financial  Group  faced  a  remote-access  impera¬ 
tive.  For  comprehensive  remote  access,  the  DesMoines,  Iowa,  com¬ 
pany  migrated  to  an  SSL  VPN.  With  the  new  VPN,  IT  can  enforce  endpoint  securi¬ 
ty  policies,  meet  data  encryption  requirements  and  distinguish  among  corpo¬ 
rate,  home  user  and  PCs  outside  its  circle  of  trust.  For  users,  broadband  connec¬ 
tivity  is  available  via  Ethernet,  wireless  LAN  or  3G  cellular  data  service,  for 
example.  For  the  $400,000  project,  IT  deployed  an  SSL  VPN  server  cluster,  per¬ 
sonal  firewalls  with  central  policy  management  and  hard-drive  encryption  soft¬ 
ware  Principal  attributes  a  50%  productivity  improvement  to  the  SSL  VPN. 

I  PRUDENTIAL  FINANCIAL 

project  leads:  Jim  White,  vice  president,  and  Chuck  Pagano,  vice  president 
technology  focus:  WAN  —  MPLS  network 

rudential  Financial  has  seen  the  last  of  its  frame-relay  days.  In  four 
months,  with  an  average  of  20  locations  per  week,  the  network  team  at 
the  Newark,  N.J.,  company  rolled  out  235  Cisco  routers,  545  Cisco 
!  'i.i  'net  switches  and  more  than  300  WAN  MPLS  and  private  lines.  Through  the 
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to  support  its  mobile  healthcare  strategy  Technology  in  use 
includes  Meru  Networks'  WLAN  System,  a  voice-activated  com¬ 
munications  system  from  IBM  andVocera  Communications,  and  a 
wireless  bridge  to  provide  a  link  between  remote  locations  and  the  University  of 
Miami  Medical  Center.  IT  expects  to  earn  an  ROI  from  efficiencies  gained  in 
mobilizing  the  workforce  and  providing  real-time  communication  tools. 

UNIVERSITY  OF  NORTH  CAROLINA 
AT  CHAPEL  HILL 

•  project  lead:  Mike  Hawkins,  associate  director  of  data  networking 

*  technology  focus:  Security  —  intrusion  detection  and  prevention 

combat  fast-moving  virus  attacks,  the  University  of  North 
Carolina  at  Chapel  Hill  built  an  automated  virus  response  sys¬ 
tem  that  combines  off-the-shelf  security  wares  with  custom  pro¬ 
gramming.  The  IT  team  topped  off  existing  in-line  intrusion  prevention  appli¬ 
ances  with  Enterasys  Network's  Dragon  intrusion-detection  device,  Dynamic 
Intrusion  Response  from  Intrusion  Prevention  technology  and  NetSight  Network 
Management  Software  tools.  With  this  setup,  UNC  can  identify  virus  hits  and  iso¬ 
late  user  machines  by  moving  them  to  a  remediation  virtual  LAN.  During  this 
process,  every  step  is  recorded  in  a  Remedy  trouble-ticket  system.  The  average 
time  from  getting  a  virus  signature  to  isolating  the  user  machine  is  now  only  30 
seconds.  Plus,  IT  reports  reducing  the  number  of  virus  infections  and  compro¬ 
mised  machines  by  70%  from  the  fall  of  2003  to  the  fall  of  2004. 


$1.5  million  project,  Prudential  has  increased  bandwidth  to  a  full  T-l  at  all  remote 
locations.  With  that  bandwidth  comes  a  host  of  new  applications,  such  as  stream¬ 
ing  video  to  the  desktop,  office-to-office  file  sharing  and  VoIP-enabled  training. 

IT  expects  to  save  $900,000  in  the  first  year  and  $3.7  million  by  the  third  year. 


STATE  STREET  GLOBAL  ADVISORS 

-  project  lead:  Torn  Dever,  senior  storage  engineer 
•  technology  focus:  Storage  —  SAN  management 


O  support  its  global  asset-management  operation,  State  Street 
Global  Advisors  in  Boston  runs  a  host  of  investment-related 
applications  on  about  250  servers  linked  to  a  Fibre  Channel- 
based  storage-area  network  (SAN).  As  the  SAN  reached  a  volume  of  about  200T 
bytes  of  disk  storage  and  another  720T  bytes  of  tape  storage,  management 
became  daunting.  SAN  administrators  make  roughly  a  dozen  changes,  each 
involving  multiple  physical  and  logical  tasks,  daily;  nearly  80%  of  SAN  problems 
stem  from  these  changes.  To  address  the  issue,  it  deployed  Onaro’s  SANscreen 
software,  which  automatically  discovers  SAN  devices,  models  the  network  and 
then  predicts  the  effects  of  real  or  planned  changes.  Since  deploying  SANscreen 
in  April,  State  Street  Global  Advisors  operates  with  approximately  20%  less  stor¬ 
age  gear  because  administrators  can  more  easily  reassign  hardware  resources. 
The  company  realized  ROI  in  seven  months  based  on  operational  efficiencies. 


UMB  BANK 

•  project  lead:  Bill  Taylor,  assistant  vice  president  and  manager, 
network  services 

technology  focus:  Convergence  —  VoIP  management 


A  thorough  performance-management  study  must  come  before  a  VoIP 

migration.  That’s  the  strategy  of  Kansas  City  Mo.-based  UMB  Bank,  which 
uses  NetScout  Systems'  nGenius  performance-management  system  to 
gain  detailed  insight  into  virtually  all  applications  and  get  historical  reports  on  net¬ 
work  performance.  It  also  uses  the  system  to  monitor  network  activity;  with  Web- 
based  reports,  IT  can  forecast  where  adjustments  will  be  needed  once  it  adds 
voice  into  the  traffic  mix.  Business  benefits  from  the  $120,000  project  include  the 
ability  to  protect  critical  revenue-impacting  applications. 


A  lot  of  products  claim  to  reduce  the  complexity  and  cost  of  enterprise 
backup.  But  one  actually  delivers — the  Scalar®  i2000,  part  of  the  growing 
iPlatform  ™  family  from  ADIC,  the  leading  provider  of  tape  libraries  for 
open-systems  backup.  * 

Embedded  intelligence.  The  Scalar  i2000  is  the  first  library  to  integrate 
advanced  management  functions — proactive  monitoring,  built-in  partitioning, 
automated  diagnostics,  and  I/O  management — so  it  delivers  faster  and  more 
reliable  backup  and  uses  less  of  your  budget,  time,  and  staff. 

Faster  resolution,  fewer  service  calls.  Smarter  diagnostics  and  dedicated 
service  teams  mean  fewer  interruptions  and  faster  resolution.  The  Scalar 
i2000  requires  half  the  service  calls  of  conventional  libraries.  And  the 
worldwide  ADIC  service  team  solves  problems  before  customers  see  them. 

Capacity  on  demand.  As  its  name  suggests,  the  Scalar  i2000  is  designed  to 
scale  with  your  storage  needs.  So  you  don't  have  to  worry  about  running  out 
of  space  or  paying  for  more  than  you  need. 

After  all,  you  were  hired  to  use  your  brains  for  more  important  things. 

‘Market  share  from  Gartner  Dataquest,  Tape  Automation  Systems  Market  Shares,  2003,  F.  Vale,  April  2004. 


Visit  www.adic.com/i2k  to  get  your  free  Aberdeen  Group  white  paper: 

Taking  an  Intelligent  Step  Forward  in  Tape  Backup  and  Restore. 
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Available  through  EMC  Corporation,  your  complete  source  for  information  lifecycle 
management  solutions.  Call  your  local  ADIC  or  EMC  sales  representative  for  more  information. 
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Whether  taming  unruly  application  use,  improving 
communications  or  beefing  up  security  these  five 
government  projects  have  two  things  in  common. 
They  must  integrate  with  incredibly  large  and  com¬ 
plex  environments,  and  in  these  fiscally  delicate 
times,  they  must  be  able  to  prove  hard-dollar 
monetary  value. 
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At  Security  information 
management  helps  the  Mine  Safety 
and  Health  Administration  boost  its 
security  score  from  F  to  B. 


|late  2004,  a  version  of  the  Welchia  worm  hit  the  Mine 
I  Safety  and  Health  Administration  network,  its  ping  of 

death  disabling  17  remote  offices  in  an  hour.  That’s 
when  George  Fesak  knew  he  had  made  the  right  decision  to  invest  in 
security  information  management  (SIM). 

“It  took  less  than  three  hours  to  block  the  Welchia  traffic,  quarantine 
the  298  infected  machines  and  restore  connections  to  our  17  field 
offices,”  says  Fesak,  who  is  director  for  Program  Evaluation  and 
Information  Resources  (PEIR)  at  MSHA,  a  U.S.  Department  of  Labor 
(DOL)  agency  in  Arlington, Va.“Right  there  was  the  ROI.  I  remember 
when  ILOVEU  tore  through  here  without  SIM  in  place.  It  took  us  four 
or  five  days  to  get  our  people  back  to  work.” 

Using  netForensics’  nFX  Open  Security  Platform,  MSHA  security  engi¬ 
neers  and  network  administrators  can  see  security  events  as  they  un¬ 
fold,  changing  security  configurations.  The  system  integrated  with 
MSHAs  intrusion-detection  systems,  firewalls,  routers  and  SSL  VPN 
devices  to  take  network  event  information  for  analysis  and  correlation. 
Using  nFX  wizards  to  create  agents  for  MSHAs  critical  business  servers, 
administrators  created  role-based  connectivity  for  departments  requir¬ 
ing  access.  In  this  way  the  security,  operations  and  applications  groups 
can  get  correlated  intelligence  on  the  gathered  data  as  needed. 

Fesak  credits  much  of  MSHAs  success  to  Syed  Hafeez,  information 
systems  security  officer  for  the  agency  Since  2001 ,  Hafeez  has  worked 
with  the  organizational  business  units  to  raise  awareness  and  involve 
the  business  in  structural  security  upgrades.  In  March  2003,  Hafeez 
undertook  the  SIM  project,  completing  Phase  I  (security  device  inte¬ 
gration)  and  Phase  II  (server  integration)  in  October  that  year. 

SIM  has  had  a  major  impact  on  MSHAs  security  ratings.Less  than  one 
year  into  the  deployment,  MSHAs  security  score  within  DOL  increased 
to  an  “all  green.”This  in  turn  contributed  to  the  DOLs  overall  Federal 
Computer  Security  Compliance  Scorecard  grade,  issued  by  the  Office 
of  Management  and  Budget,  rising  from  F  to  B.  The  effort  also  lifted 
MSHAs  security  scores  from  low  to  one  of  the  best  at  the  agency  level 
using  that  scorecard, says  Jay  Mattos,  MSHAs  deputy  director. 

“This  project  honed  in  on  being  able  to  supply  security  awareness 
at  multiple  technical  and  business  levels  in  real  time,  without  an 
entire  SOC  [security  operations  center]  infrastructure  added  on,” 
Hafeez  says.“Now,  security  operations  and  application  groups  have  a 
comprehensive  view  of  security  data  in  any  configuration  they  need.” 

For  such  drastic  improvements  in  security  awareness,  compliance 
and  management,  without  the  major  cost  of  building  a  SOC,  MSHA 
earns  2005  Enterprise  All-Star  recognition. 


New  guidelines  and  standards 

The  SIM  project  flowed  out  of  the  DOLs  2003  adoption  of  a  gover¬ 
nance  process  for  its  enterprise  architecture,  done  in  part  to  meet 

See  Government,  page  68 
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MEDIAN  PROJECT  DURATION: 

24  months. 


MEDIAN  PROJECT  BUDGET: 

$22. 5  million. 


*  noteworthy:  The  highest 
average  ROI  on  the  list  occurs 
in  the  government  category. 


< 


Moving  to  VoIP  shouldn’t  create  security  issues  for  your  business.  It  since  encryption  is  a  standard  feature,  it  is  impossible  for  anyone  to  intercept 

should  eliminate  them.  That's  why  the  Zultvs  MX250  IP  PBX  runs  on  sensitive  communications.  Best  of  all,  the  Zultys  MX250  does  all  this 

a  real-time  Linux  operating  system  that  is  straight  out  of  the  box.  To  learn  more  about 

secure  and  not  vulnerable  to  attack.  And,  adding  secure  VoIP,  access  www. zultys.com/nw. 


PRODUCT  BREAKTHROUGH 

CONVERGENCE 


VoIP  vs.  VolQ 


£>'  2005  Zultys  Technologies-. 
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Government  continued  from  page  66 

Federal  Information  Security  Management  Act 
(FiSMA)  guidelines  for  recommended  security  con¬ 
trols.  Based  on  the  National  Institute  of  Standards  and 
Technology  standards,  FISMAs  regulatory  compliance 
directive  dictates  enforcement,  accountability,  and 
consistent  reporting  policies  and  procedures  on  three 
years  of  retained  event  log  data. 

But  MSHA,  with  nearly  2,300  users  spread  over  100 
offices  nationwide,  was  logging  2G  bytes  of  security 
event  data  every  hour  just  on  its  firewalls,  let  alone  its 
other  security  devices. 

“MSHA  runs  very  lean  We  did  not  have  the  budget  for 
an  expensive  SOC  to  manage  all  the  security  data.And 
it’s  not  humanly  possible  to  watch  raw  data  and  men¬ 
tally  correlate  it  in  real  time, so  we  had  to  architect  an 
environment  that  relied  on  centralized  automation 
with  minimal  security-specific  skill  sets,”  Hafeez  says. 
Automation  leverages  current  resources  and  skills,  he 
adds,  and  SIM  was  the  least  costly  way  to  absorb  secu¬ 
rity  into  the  network  management  infrastructure. 

A  configuration  board,  comprising  managers 
responsible  for  security  operations  and  applications, 
spearheaded  the  SIM  project.  All  board  members  par¬ 
ticipated  in  the  SIM  tool  selection. 

“Most  of  the  SIM  tools  at  that  time  were  too  complex 
and  lacked  the  integration,  incident  response  and 
reporting  features  we  needed, "says  Hafeez,  who  settled 
on  nFX  (which  starts  at  $40,000  to  cover  10  servers) 
because  of  its  real-time  notification  and  seamless  inte¬ 
gration  with  MHSAs  existing  security  technologies. 

The  SIM  project  paid  for  itself  not  only  by  streamlin¬ 
ing  event  discovery  and  mitigation  but  also  because  it 
aggregates  raw  event  information  for  more  efficient 
storage  —  easily  helping  MHSA  meet  the  three-year 
retention  mandate,  Hafeez  says.  With  real-time  correla¬ 
tion  on  actionable  events,  the  SIM  project  also  has 
been  successful  at  involving  the  business  units  in  mak¬ 
ing  informed  decisions  as  events  unfold. 

For  example,  after  evaluating  the  SIM  data  taken 
from  the  Welchia  virus,  MSHA  realized  it  needed  to 
audit  and  review  firewall  rules  periodically  and  to  bet¬ 
ter  protect  the  1,200  remote  laptops  used  by  field 
inspectors  and  trainers  logging  in  from  insecure 
access  points  around  the  world.  So  Hafeez’s  team 
streamlined  and  automated  patch  management  using 
Shavlik  Technologies’  HFNetChk  Pro  and  Microsoft 
Systems  Management  Server,  implemented  a  remote 
access  policy  using  Juniper  Networks’  SSL  VPN  gear 
and  is  working  toward  deploying  Sygate  On-Demand 
software  for  laptop  security  policy  enforcement. 

“Just  being  in  paper  compliance  doesn’t  do  much  for 
actual  security'  Mattos  says. “With  Syed’s  guidance,  we 
understood  we  needed  automated  assistance  to  aug¬ 
ment  and  correlate  the  stand-alone  security  systems  we 
already  had  in  place.  We  needed  a 
SIM  solution." 
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DEFENSE  INFORMATION  SYSTEMS  AGENCY  (DISA), 

CENTER  FOR  COMPUTING  SERVICES 

•  project  lead:  Rick  Fleming,  enterprise  systems  management  project  manager 

•  technology  focus:  Management  —  IT-business  service  alignment 

ISA's  Center  for  Computing  Services,  at  Maxwell  Air  Force  Base  in  Montgomery,  Ala.,  is  a  step  ahead  of 
fthe  pack  on  integrating  IT  with  business  services  —  despite  a  complex  environment.  The  agency  is 
reaping  $140  million  in  savings  annually  as  the  result  of  a  $3  million  business  service  management  (BSM) 
project  that  provides  a  consolidated  view  of  data  from  disparate,  heterogeneous  management  platforms.  BSM 
greatly  eases  management  of  1 ,400  applications  serving  more  than  2  million  users.  Computing  Services  also  can 
view  logical  groupings  of  interrelated  physical  elements  and  therefore  make  sure  that  its  infrastructure  is  aligned 
with  operational  objectives.  Using  Managed  Object’s  Business  Service  Management  software,  DISA  has  been  able 
to  consolidate  18  systems  management  centers  to  four,  and  16  help  desks  to  four,  while  cutting  in  half  the  time  to 
resolve  problems.  Customer  satisfaction  ratings  also  have  risen  dramatically 

LEE  COUNTY  SHERIFF’S  OFFICE 

•  project  lead:  Bryon  Haycook,  CAD  system  manager 

•  technology  focus:  Wireless  —  cellular  wireless  data  access 


D 


eputies  hit  the  streets  in  this  southwest  Florida  county  headquartered  in  Fort  Myers,  knowing  they  are 
backed  up  by  reliable,  high-speed  cellular  data  services.  The  sheriff’s  office  invested  $1  million  to  pro¬ 
vide  access  to  Sprint's  Code  Division  Multiple  Access  (CDMA)-based  network  and,  ultimately  next-gen¬ 
eration  EV-DO  services.  The  wireless  data  access  improves  productivity  and  performance  by  enabling  deputies  to 
stay  in  the  field  rather  than  returning  to  the  sheriff’s  office  to  fill  out  paperwork  and  submit  reports.  To  manage 
connectivity  for  600  users,  the  sheriff’s  office  uses  NetMotion  Wireless'  Mobility  XE  VPN  server,  as  well  as  GPS 
tracking  software  for  deputy  dispatching.  Wireless  LANs  serve  various  buildings. 

SOUTH  CAROLINA  DEPARTMENT  OF  REVENUE  (DOR) 

•  project  lead:  Michael  Garon,  senior  administrator  and  CIO 

•  technology  focus:  E-commerce  —  Web  infrastructure 


Radcliff  is  a  freelance  writer  in 
northern  California.  She  can  be 
readied  at  deb@raddiff.com. 


★  SIM  tips 

Syed  Hafeez,  information  systems 
security  officer  for  MHSA,  has 
been  through  the  SIM  ropes. 

Get  his  management  tips,  and 
more,  online:  www.nww.com; 
docfinder:9736. 


ntrepreneurs  who  want  to  launch  a  business  in  South  Carolina  are  getting  a  helping  hand  from  a  state 
e-commerce  site  launched  in  May  South  Carolina  Business  One-Stop  walks  users  through  the  process  of 
registering  a  new  business  and  obtaining  appropriate  licenses  or  permits.  The  system  asks  relevant  ques¬ 
tions,  collects  data,  facilitates  payment  via  credit  card  or  electronic  funds  withdrawal,  submits  applications  and 
communicates  with  various  agencies  in  a  secure  online  transaction.  The  project  team  relied  on  Microsoft  .Net- 
based  Web  services  and  content  management  tools  to  support  the  back-end  processing  required  for  the  intera¬ 
gency  communication.  Although  the  Web  site  is  new,  state  officials  expect  it  to  reduce  the  time  required  for 
launching  a  new  business  in  South  Carolina  from  weeks  to  days.  This  also  results  in  significant  cost-savings  for 
business  operators.  The  DOR  calculates  that  the  10,000  businesses  launched  yearly  in  South  Carolina  had  been 
spending  more  than  $7  million  to  get  up  and  running,  based  on  an  average  of  $15  per  hour  and  47  hours  spent 
per  business.  The  DOR  reports  a  $4  million  project  cost,  with  expected  ROI  of  100%  in  three  years. 

U.S.  COAST  GUARD  (USCG)  OPERATIONS  SYSTEMS  CENTER 

*  project  lead:  Lori  Kennedy,  project  officer 

technology  focus:  Applications  —  e-mail  integration  and  directory  services 

o  secure  the  country  the  U.S.  Department  of  Homeland  Security  (DHS)  needs  personnel  at  its  22  agen¬ 
cies  to  be  able  to  send  data  to  each  other  immediately  and  securely  despite  differences  in  e-mail  systems 
(some  agencies  use  Microsoft  Exchange  variants,  while  others  rely  on  Lotus  Notes,  cc:Mail  or  proprietary 
programs).  The  USCG  Operations  Systems  Center,  in  Keameysville,  WVa.,  had  the  task  of  figuring  out  how  to 
achieve  the  interagency  information  exchange.  During  a  12-month  period,  using  products  from  Cisco,  HR 
Microsoft,  Sun  and  others,  it  developed  and  deployed  the  DHS  Directory  Services  and  Email  System  (DSES).  The 
DSES  assigns  a  uniform  e-mail  address  to  approximately  200,000  DHS  users,  and  routes  e-mail  traffic  to,  from  and 
between  all  agencies  and  the  Internet  while  protecting  against  viruses  and  spam.  Interagency  e-mail  no  longer 

gets  routed  via  the  'Net,  but  across  the  more  secure  DHS  network.  Employees  also  get  access 
to  an  electronic  directory  that  provides  an  up-to-date  single  source  of  e-mail  addresses  across 
agencies.  The  center  tallied  the  DSES  project  cost  at  $2  million,  while  calculating  an  8%  ROI 
for  year  one  (the  base  system  became  operational  in  April  2003)  and  projecting  a  24%  ROI 
for  year  three.  The  DSES  now  handles  all  DHS  e-mail,  with  an  uptime  rate  of  99.99%;  stops 
more  than  20,000  offensive  messages  daily  and  removes  more  than  10,000  viruses  each  day 
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No  more  unidentified  issues. 

Zero  in  on  the  source  of  any  SAN  slowdown. 


Welcome  to  a  network  tool  so  smart,  it's  almost  unreal.  NetWisdom.  The  intelligent  SAN  performance 
monitoring  solution  that  keeps  you  one  step  ahead  of  trouble. 

Instantly  measure  SAN  performance  against  the  baseline  to  verify  you're  meeting  internal  service 
objectives.  The  exclusive  "visual  dashboard"  displays  real-time  health  of  the  entire  fabric.  And  if  your 
SAN  stumbles,  you  can  quickly  identify  and  engage  the  vendor  at  fault,  to  drive  swift  problem  resolution. 

Understand.  Identify.  Resolve.  Fast.  With  the  NetWisdom  SAN  performance  monitoring  solution. 

Dashboard  delivers  a  visual  snapshot 

of  entire  san  fabric  performance.  Get  more  details  during  a  free  webinar,  "Improving  SAN  Performance  and  Uptime  with  NetWisdom." 

Sign  up  now  at  http://finisarevents.webex.com 
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The  U.S.  healthcare  industry  is  renown  for  its 
advanced  technology  Healthcare  net  executives 


are  upgrading  to  huge  and  sophisticated  net¬ 
work  technologies  in  preparation  for  their 
next-generation,  bandwidth-needy  applications 
This  slate  of  nine  Enterprise  All-Star  winners 


-  -  illustrates  today’s  technology  trend 


>  oo  Vince  Miller 
and  Joan  MeFaul, 
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Convergence 
for  critical  care 

^  MetroHealth  converges  voice  and  data  over 
wireless  IP,  delivering  better  care  for  more 
patients  —  without  increasing  staff  size. 

-By  JOANNE  CUMMINGS- 


During  emergency  heart  surgery  at  MetroHealth  System’s  new  Critical  Care  Pavilion, a  patient’s  vital  signs  go  hay¬ 
wire.  The  anesthesiologist  needs  expert  advice,  and  fast.  He  hits  a  button  on  a  wireless  phone  strapped  to  his 
waist  and  is  instantly  connected  to  the  department  chief,  who  simultaneously  conferences  in  other  anesthesiol¬ 
ogists.  After  this  quick  verbal  consult  —  during  which  he  never  leaves  the  patient’s  side  —  the  anesthesiologist  makes  a  small 
adjustment,  the  patient  stabilizes  and  the  operation  is  a  success. 


HEALTHCARE 


QuickStats 

★  MEDIAN  PROJECT  DURATION: 

12  months 

★  MEDIAN  PROJECT  BUDGET: 

$500,000 

★  noteworthy:  Mean  one- 
year  ROl  for  winning  health- 
:  are  projects  is  164%. 


Life-saving  real-time  collaborative  scenarios 
such  as  this  have  become  commonplace  at 
MetroHealth  System  since  the  Cleveland 
healthcare  group  opened  its  CCP  in  June  2004. 
Near  the  established  medical  center,  the  CCP 
features  an  emergency  department  and  17  sur¬ 
gical  suites  tied  together  via  a  state-of-the-art 
wireless  data  and  VoIP  system. 

With  the  CCP’s  opening,  MetroHealth  dou¬ 
bled  its  space  and  tripled  the  number  of  mon¬ 
itored  beds.  Staff  size,  however,  did  not  change. 
This  meant  that  simply  extending  the  medical 
center’s  Gigabit  Ethernet  backbone  to  the  CCP 
wasn’t  going  to  be  adequate,  says  Vince  Miller, 
vice  president  and  CIO  at  MetroHealth. 

“We  knew  communications  was  going  to  be 
a  big  issue,”  he  says. “We  thought  [VoIP]  might 
be  the  answer  Besides  VoiPwireless  made  bet¬ 
ter  business  sense  than  giving  the  on-the-go 
emergency  department  and  surgical  staffs  sta¬ 
tionary  connections  to  the  hard-wired  corpo¬ 
rate  network  serving  the  facility 

So  MetroHealth  combined  the  two  tech¬ 
nologies  to  create  a  converged  wireless  net¬ 
work  that  has  improved  operations  and 
patient  care  while  serving  about  70,000  crit¬ 
ical  care  patients  a  year.  As  a  result, 
MetroHealth  —  the  only  Level  1  trauma  cen¬ 
ter  serving  the  region  —  earns  recognition  as 
a  2005  Enterprise  All-Star. 


Eliminating  the  runaround 

MetroHealth  hasn’t  exactly  been  conven¬ 
tional  with  its  wireless  VoIP  setup.  For  example, 
it  doesn’t  use  Cisco’s  CallManager  IP  PBX  soft¬ 
ware,  even  though  it  does  rely  on  the  Cisco 
Catalyst  4507  switch  at  its  core  and  44  Cisco 
AP1210  access  points.  Instead,  IT  used  its 
Nortel  1000  PBX  as  the  base  of  its  IP  system, 
says  Joan  MeFaul,  director  of  IT  infrastructure. 
“If  we  had  gone  all-Cisco,  we  would  have  had 
to  put  in  two  telecommunications  systems. 
This  way,  we  . . .  retained  our  traditional  tele¬ 
com”  infrastructure  while  implementing  wire¬ 
less  VoIP  she  says. 

For  placing  VoIP  calls,  McFaul’s  six-member 

See  Healthcare,  page  72 
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FVX538  ProSafe  VPN  Firewall  200 

■  8  port  10/100  and  1  Gigabit  port  switch 

■  200  simultaneous  VPN  IPSec  tunnels 

■  Proactive  policy  enforcement  for 
anti-virus  and  anti-spam  security 

■  Dual  WAN  ports  for  load  balancing 
and  back-up 

■  QoS  for  VoIP 

■  SNMP  manageable 

■  Rackmountable 


FVS338  ProSafe  VPN  Firewall  50 

■  8-port  10/100  LAN  Switch 

■  50  simultaneous  VPN  IPSec  tunnels 

■  Proactive  policy  enforcement  for 
anti-virus  and  anti-spam  security 

■  Analog  Modem  support  for  auto 
failover  capability 

■  QoS  for  VoIP 

■  SNMP  manageable 


Unlock  the  Potential  of 
Unified  Threat  Management 

The  combination  of  NETGEAR®  ProSafe™  hardware  and  new 
security  software  sets  the  new  UTM  standard  for  SMB 

NETGEAR's  award-winning  ProSafe  VPN  firewalls  with  new,  integrated  anti-virus/anti-spam  software*  make  a 
winning  combination  for  SMBs.  Small  to  Medium  Business  can  now  enjoy  business-class,  end-to-end  security 
functions  like  SPI  firewall,  VPN,  intrusion  detection/prevention,  anti-virus/anti-spam  policy  enforcement,  and 
content  filtering  in  one  complete  solution,  without  the  hidden  costs  competitors  add  for  user  quantity  upgrades 
or  extra  VPN  tunnels.  Businesses  can  lock  into  a  true  UTM  solution  for  data  transmission,  remote  access,  and 
proactive  prevention  of  blended  threats,  such  as  viruses,  worms,  Trojan  horses,  spam,  and  countless  other 
intrusions.  And  because  ProSafe  security  products  are  standards-based,  businesses  can  integrate  their  existing 
SMB  security  infrastructures  or  provide  an  interoperable  foundation  for  securing  a  LAN  or  WAN.  Dial  into  true 
UTM  today  with  NETGEAR.  For  more  information,  visit  www.netgear.com/go/utm 
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Healthcare  continued  from  page  70 

IT  team  selected  SpectraLink’s  2211  wireless  phones.  Spectralink 
Voice  Protocol  (SVP)  server  software,  loaded  on  the  Catalyst  4507, 
ensures  that  the  CCP’s  802.1  lb  wireless  LAN  can  support  voice  and 
data.The  hospital, in  turn.can  implement  new  applications  that  lever¬ 
age  both, she  says. 

As  an  example,  McFaul  describes  how  MetroHealth’s  emergency 
department  nurses  use  the  wireless  VoIP  network.  When  emergency 
department  nurses  come  on  duty,  they  log  themselves  and  their  wire¬ 
less  phones  and  headsets  in  to  the  nurse  call  system  by  swiping  bar 
codes  on  their  badges  and  the  devices.  After  they  key  in  their  patient 
assignments,  the  call  system  database  uses  middleware  from  a  com¬ 
pany  called  Emergin  to  map  the  phones  to  the  nurses’  assigned 
patients  and  to  the  cardiac  monitors  and  call  buttons  in  the  exam 
rooms.  The  nurses  not  only  receive  voice  calls  via  the  wireless  net¬ 
work,  but  also  data  alerts  from  the  monitoring  devices. 

If  a  patients  vital  signs  go  beyond  a  preset  threshold,  for  example, 
a  cardiac  monitor  would  issue  an  alert  that  the  nurse  receives  via  the 
wireless  phone.  When  any  monitor  registers  a  code-blue  emergency, 
all  staffers  are  immediately  notified  via  their  wireless  phones. 

A  substantial  productivity  increase  results.“A  nurse  can  receive  an 
alert  from  the  physical  monitor  or  a  patient  call  request  and 
respond  to  the  patient  through  the  nurse  call  button,”  Miller  says. 
“The  nurse  knows 
from  the  phone  dis¬ 
play  the  source  of  the 
request  or  alert  and 
can  speak  with  the 
patient  directly 

This  saves  time,  espe¬ 
cially  in  critical  situa¬ 
tions,  McFaul  adds.  “If  a 
patient  calls  and  says 
he’s  bleeding,  you  need  to  respond  immediately.  But  maybe  the 
patient  just  needs  a  blanket.  Either  way,  you  know  how  to  respond, 
without  having  to  go  to  the  room  first  to  figure  out  what  the  situation 
is,”  she  says.  The  upshot  is  that  the  emergency  department  staff  can 
handle  more  patients  and  monitor  more  beds,  while  keeping  staffing 
levels  the  same,  she  says. 

The  wireless  VoIP  network  also  makes  paging  more  efficient,  Miller 
says.  Previously,  emergency  department  nurses  would  use  desk  or 
wall  phones  to  page  doctors  and  then  to  receive  the  return  calls.The 
nurses  had  to  wait  near  the  phones  from  which  they  issued  the 
pages,  or  risk  missing  the  return  calls.  With  the  new  system,  return 
calls  come  directly  to  the  wireless  phones  strapped  to  the  nurses’ 
waistsTNurses  can  reach  a  doctor  and  have  questions  answered  no 
matter  where  they  are  on  the  floor  he  says.  This  is  a  big  improve¬ 
ment,  especially  when  lives  hang  in  the  balance,  and  critical  care 
decisions  need  to  be  made  in  seconds. 

The  system  cost  MetroHealth  $  1 70,000.  Already  the  productivity 
improvements  and  overall  ROl  are  measurable,  Miller  says.  For  exam¬ 
ple,  the  group  no  longer  needs  to  devote  five  staffers  to  watching 
patient  monitors.There  alone  the  annual  savings  is  $200,000. 

“But  the  real  key  is  the  productivity.  It  has  allowed  us  to  see  a 
greater  number  of  patients  with  the  same  size  staff,”  Miller  says. 
“Overall,  the  physicians, the  anesthesiologists, the  nurses  —  and  espe¬ 
cially  the  patients  —  are  all  extremely  happy  with  it." 

" ummings  is  a  freelance  writer  in  North  Andover,  Mass.  She  can  be 
reached  at  jocummings@comcast.net. 


.  .  .  the  real 
key  is  the 
productivity.” 

—  Vince  Miller,  CIO,  referring  to  the 
benefits  of  MetroHealth  s  converged 
wireless  IP  infrastructure 
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AUSTIN  RADIOLOGICAL  ASSOCIATION 

•  project  lead:  R.  Todd  Thomas,  CIO 

■  technology  focus:  Wireless  —  optical  wireless  networking 

hen  this  specialty  healthcare  provider  decided  to  migrate  to  an  all-digital,  Web- 
based  imaging  system  to  serve  65  radiologists  at  1 4  facilities  in  central  Texas,  it 
turned  to  ffee-space  optics,  which  provides  optical  bandwidth  from  lasers  placed 
line-of-sight  from  one  building  to  another.  Austin  Radiological  Association  selected  LightPointe 
Communications'  Flight  optical  wireless  systems,  including  FlightStrata  with  155M  bit/sec  of 
secure  bandwidth  and  the  FlightLite  100,  which  delivers  100M  bit/sec.  With  the  systems,  ARA 
can  expand  the  business  while  minimizing  infrastructure  costs  and  enhancing  communications 
and  collaboration.  The  firm  realized  ROI  on  its  FlightLite  gear  in  six  months  and  expects  a  12-  to 
18-month  ROI  for  the  FlightStrata  equipment. 

BETH  ISRAEL  DEACONESS  MEDICAL  CENTER 

•  project  lead:  John  Halamka,  CIO 

■  technology  focus:  Wireless  —  Wi-Fi-based  asset  tracking 

his  Boston  medical  center  is  always  looking  for  ways  to  improve  patient  care  while  cut¬ 
ting  costs.  By  optimizing  workflows  and  improving  asset  management,  CIO  John 
Halamka  is  saving  the  hospital  $300,000  to  $400,000  annually  lost  in  missing  equipment. 
He  selected  a  Wi-Fi-based  asset-tracking  system,  relying  on  location-aware  technology  from 
PanGo  Networks  and  a  Cisco-based  wireless  LAN.  No  longer  will  cardiac  monitors  and  wheel¬ 
chairs  go  missing  within  the  sprawling  complex.  Medical  staff  can  more  easily  find  the  assets. 
Beth  Israel  Deaconess  Medical  Center  has  invested  a  nominal  $50,000  in  the  technology,  but 
Halamka  says  the  cost  of  full  deployment  should  reach  into  the  six  figures. 


COVENANT  HEALTH 


•  project  lead:  Bill  Dean,  senior  systems  analyst 

•  technology  focus:  Servers  —  Virtualization,  consolidation 


This  Knoxville,  Term.,  healthcare  provider  fended  off  a  potential  $1.5  million  data  center 
infrastructure  upgrade  by  turning  to  server  virtualization.  IT  spent  $345,000  on  four  vir¬ 
tualized  nodes  from  VMware  and  subsequently  has  reduced  the  number  of  physical 
production  servers  by  100  and  consolidated  10  test-and-development  servers  into  one  virtual¬ 
ized  server.  Covenant  now  deploys  75%  of  its  applications  on  virtual  machines,  with  uptime 
topping  99%.  Provisioning  time  is  down  to  less  than  a  day,  compared  with  a  month  or  more  pre¬ 
viously  Covenant  also  reports  capital  savings  of  $155,000  over  18  months. 


•  project  lead:  Christie  Mill,  IT  director 

•  technology  focus:  WAN  —  enterprise  network  buildout 


This  Lake  Forest,  Ill. ,  organization  replaced  more  than  20  disparate  networks  in  a  $1.4  mil¬ 
lion  network  overhaul.  The  new  Cisco-powered  Gigabit  Ethernet  backbone  spans  the 
foundation’s  two  main  campuses  and  10  remote  sites  in  a  20-mile  radius.  Wide-area  con¬ 
nectivity  comes  by  way  of  an  SBC-provided  OC-12  SONET  ring.  Availability  of  a  single,  high¬ 
speed  backbone,  combined  with  deployment  of  a  digital  imaging  system,  has  significantly 
improved  the  medical  staff’s  efficiency  while  reducing  costs.  For  example,  physicians  can  view 
X-rays  and  other  medical  images  from  their  computers  —  either  on-site  or  when  tapping  into  the 
network  via  an  SSL  VPN  from  home.  Lake  Forest  Hospital  Foundation  has  introduced  exclusive 
services,  such  as  fetal  echo  cardiography  The  foundation  says  it  has  cut  operational  costs  in  criti¬ 
cal  clinical  areas  by  as  much  as  75%,  while  tallying  a  $2  million  first-year  ROI. 


MEDCO  HEALTH  SOLUTIONS 

•  project  lead:  Kenny  Klepper,  COO 

•  technology  focus:  Management  —  business  service  management 


his  pharmacy  benefit  manager  in  Franklin  Lakes,  N.J.,  has  crafted  a  business  service 
management  strategy  combining  Six  Sigma  best  practices  with  sophisticated  service 
management  tools.  So  far,  increasing  efficiencies  and  eliminating  system  downtime  has 


See  Healthcare,  page  76 
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areas,  from  fast-food  orders  to  guest  accommoda¬ 
tions.  Wireless  and  convergence  technologies  have 
become  important  tools  for  keeping  in  contact  with 
customers,  even  as  they  roam  a  service  area. 


... 


Joseph  Schuldhaus, 

vice  president  of  IT,  West  Edmonton  Mall 


ntethered  Utopia 


★  West  Edmonton  Mall  turns  Wi-Fi  into  a  tourism 
dream  come  true. 


-By  DEBORAH  MENDEZ-WILSON  ~ 


o 


ffering  tourists  the  largest  entertainment  and  shopping  complex  in  the  world  wasn’t  enough  for  West  Edmonton 
Mali's  tech-sawy  executives. 

Located  in  Edmonton,  Alberta,  a  former  fur-trading  post  in  northwestern  Canada,  the  ubermall  covers  the  equiva¬ 
lent  of  48  city  blocks  and  is  billed  as  “the  greatest  indoor  show  on  earth.”Each  year, 22  million  visitors  flock  to  the  entertainment 
mecca’s  three  hotels,  eight  amusement  parks,  21  theaters,  1 10  restaurants  and  800  shops.  Boredom  is  definitely  not  an  option. 
Fantasyland  Hotel  guests  can  choose  from  Roman,  Polynesian  and  other  themed  rooms, and  World  Waterpark  thrill  seekers  can 
scream  down  miles  of  slides  that  stretch  like  licorice  in  a  candy  factory  On  Bourbon  Street,  it’s  Mardi  Gras  every  day 
Despite  such  amenities,  managers  hankered  to  develop  an  unused  bit  of  real  estate:  thousands  of  cubic  feet  of  empty  airspace. 
!i 1  2i X.)2,they  launched  a  plan  to  build  a  wireless  network  that  could  be  accessed  anywhere  in  the  mall.With  the  help  of  Siemens 


HOSPITALITY 


QuickStats 


★  MEDIAN  PROJECT  DURATION: 

Nine  months 


*  MEDIAN  PROJECT  BUDGET: 

$300,000 


★  noteworthy:  Mean 
one-year  ROI  for  winning 
hospitality  pro  jects  is  182%. 


Communications,  their  vision  of  a  secure,  end- 
to-end  mobile  network  is  well  on  its  way  to 
becoming  reality  Over  the  past  year,  the  part¬ 
ners  have  installed  the  first  phase  of  an  802.1 1 
wireless  LAN  (WLAN)  that  has  turned  West 
Edmonton  Mall  into  the  largest  Wi-Fi-enabled 
entertainment  and  retail  center  on  the  planet. 
For  its  above-and-beyond  Wi-Fi  efforts,  West 
Edmonton  Mall  earns  the  distinction  of  being 
named  a  2005  Enterprise  All-Star. 

“What  we  are  trying  to  do  is  build  a  commu¬ 
nity  and  allow  people  to  connect  in  that  com¬ 
munity  space,”  says  Joseph  Schuldhaus,  the 
mall’s  vice  president  of  IT. 

Conceived  as  an  opportunity  to  provide  staff 
high-speed  wireless  Internet  services  and 
applications,  the  project  quickly  grew  into  a 
plan  to  gain  a  competitive  edge  in  the  mail’s 
three  commercial  markets:  entertainment,  hos¬ 
pitality  and  retail. Motivating  managers  was  the 
idea  that  technology  has  become  a  pivotal  fac¬ 
tor  in  where  people  decide  to  work  and  play 

“We  now  live  in  a  world  where  the  Internet  is 
always  on  and  always  available,”  Schuldhaus 
says.  “A  new  breed  of  location-based  tools  is 
emerging  that  provides  connected  people 
with  knowledge  of  services,  products  and 
resources  that  are  most  convenient  to  their 
current  location.” 

Managers  wanted  a  network  secure  enough 
for  the  mail’s  16,500  employees  to  remotely  ac¬ 
cess  it  from  home  offices,  parking  lots  and  cor¬ 
porate  branches.  They  also  wanted  to  create 
different  user-access  policies  and  applications 
for  multiple  types  of  end  users. They  looked  at 
several  solutions  over  a  three-year  period 
before  choosing  Siemens’  HiPiath  Wireless  port¬ 
folio,  a  centrally  deployable  WLAN  that  can  be 
installed  over  any  data  or  VoIP  network.The  IT 
team  was  sold  on  HiPath’s  ability  to  support 
VoIP  and  other  real-time  applications  without 
requiring  users  to  re-authenticate  and  re-key  as 
they  move  around, as  well  as  its  Layer  3  overlay 
architecture, designed  for  fast.secure  roaming. 

The  $300,000  Wi-Fi  network,  dubbed  WEMi- 
Sphere,  serves  the  mall’s  Fantasyland  Hotel, 
food  court  and  waterpark.  Managers  expect  to 
See  Hospitality,  page  76 


DON’T  LET 
SPYWARE 
SABOTAGE  YOUR 
ENTERPRISE. 


The  next  threat  is  no  threat  with  Trend  Micro. 

Expose  and  eradicate  spyware  with  Trend  Micro's  Enterprise-class,  multi-level, 
anti-spyware  solutions.  They're  the  only  solutions  that  block  and  clean  at  the  gateway — 
the  most  effective  point  of  control,  Trend  Micro.  #1  global  leader  at  the  gateway  and 
industry  pioneer.  Whether  it's  a  virus,  worm,  spyware,  or  spam,  we've  got  you  covered. 


For  a  FREE  evaluation  and  IDC  whitepaper, 
go  to  www.trendmicro.com/spyware 
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Hospitality  continued  from  page  74 
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roll  out  70  more  wireless  hot  spots  by  next  year, 
bringing  the  total  to  130. The  IT  team  is  exploring 
a  real-time  video  surveillance  system  for  the  mall’s 
mobile  security  force,  and  is  working  with  Sie¬ 
mens,  Dell  and  HP  on  tablet  PC  and  PDA  products 
rugged  enough  to  withstand  Canadian  winters. 

Meanwhile,  an  increase  in  conference  atten¬ 
dees  has  convinced  managers  that  the  network 
and  its  competitive  pricing  plans  are  drawing 
new  customers.  For  $10.95,  hotel  guests  can  buy 
24  hours  of  network  access  that  enables  them  to 
roam  from  their  room  to  nearby  conference 
rooms  and  attractions.  For  about  $34.95  a  month, 
tenants  get  unlimited  access  for  online  banking, 
location-based  marketing,  and  Internet-based 
services  for  customers  and  employees. 

"By  selecting  a  wireless  platform  that  is  based  on 
open  standards,  we  are  better  prepared  to  address 
any  application  service,”  Schuldhaus  says.  “We 
expect  that  our  own  requirements, as  well  as  those 
of  our  tenants,  will  drive  those  services.” 

Based  on  their  projections,  mall  managers 


expect  to  recoup  incremental  investment  costs  in 
less  than  two  years  and  garner  a  120%  ROI  in 
2007  from  Wi-Fi  access  sales  and  affordable  voice- 
over-Wi-Fi  telephony  for  tenants.The  mail’s  parent 
company  Triple  Five,  is  weighing  a  similar  installa¬ 
tion  at  the  giant  Mall  of  America  in  Bloomington, 
Minn., which  it  co-owns. 

Response  from  West  Edmonton  Mall  customers 
and  tenants  has  been  upbeat.  A  visitor  described  a 
VoIP  conference  call  he  conducted  over  a  Wi-Fi 
phone  while  his  children  played  at  the  waterpark. 
An  optometrist  reported  that  he  conducts  busi¬ 
ness  over  the  network  while  his  wife,  with  their 
children  and  a  laptop  in  tow,  takes  care  of  the 
shop’s  accounting  on  the  fly  at  amusement  ven¬ 
ues.  For  Schuldhaus, such  satisfaction  is  all  part  of 
delivering  the  services  demanded  in  today’s  in¬ 
creasingly  competitive  and  digital  business  world. 

“West  Edmonton  Mall  prides  itself  on  giving 
people  a  unique  shopping  experience,”  he  says. 
“We  promise  to  keep  building  on  that.” 

Mendez-Wilson  is  a  Denver  freelance  writer.  She 
can  be  reached  at  madre2@qwest.net. 


>  Hospitality  ■ 

Bigari  Foods 

project  lead:  Matt  Favier,  IT  director 
technology  focus:  Convergence  —  centralized  call  center 

igari  Foods,  a  McDonald's  franchise  that  operates  in  Colorado  Springs,  Colo.,  has  taken  the 
fast-food  industry  into  a  new  world  with  its  innovative  use  of  call-center  technology;  point-of- 
sale  software  and  converged  voice  and  data  IP  services  from  Masergy  Communications. 
The  company  has  integrated  these  technologies  to  enable  centralized  meal  order  processing. 
Customers  can  place  orders  from  the  Playland  rather  than  having  to  come  to  the  restaurant's  front 
counter,  for  example.  Likewise,  a  restaurant  can  offer  multiple  drive-up  lanes  without  dedicating  an 
order-processing  station  to  each  one.  The  orders  are  processed  centrally  at  the  call  center.  The 
company  says  the  convenience  factor  has  led  to  up-sell  revenue  on  85%  of  transactions  and  a  33% 
reduction  in  the  staff  required  at  24-hour  outlets.  Bigari  Foods  handles  10,000  transactions  daily 
through  the  call-center  system,  with  an  expected  volume  of  3.6  million  total  transactions  by  2007. 
The  company  expects  significant  growth  as  a  result  of  eliminating  the  need  for  orders  to  flow 
through  a  restaurant's  front  registers.  The  franchise  recouped  its  $70,000  investment  in  the  central¬ 
ized  call  center  in  eight  months. 

Carnival  Cruise  Lines 

project  leads:  76/77  McCormick,  manager  of  network  engineering;  John  Harshaw, 
director  of  IT  operations 

technology  focus:  Wireless  —  Wi-Fi-enabled  ship 
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Healthcare  continued  from  page  72 

resulted  in  up  to  99%  fewer  IT  defects  reaching 
customers  —  which  has  translated  to  a  20%  improvement  in 
client  satisfaction  over  the  last  1 2  months.  A  host  of  BMC 
Software  tools  underpins  the  BSM  system,  while  Invoq  Systems' 
AlarmPoint  software  provides  data  for  building  service-level 
agreements.  Medco  slates  project  costs  at  $  1  million  and  esti¬ 
mates  saving  $2,000  per  help-desk  ticket  opened. 

MOUNTAIN  STATES  HEALTH 
ALLIANCE 

■  project  lead:  Rich  Rairigh,  enterprise  network  manager 
•  technology  focus:  Wireless  —  broadband  infrastructure 

When  this  Johnson  City  Term. ,  healthcare  system  needed 
to  provide  secure  access  to  wireless  data,  QoS-based 
VoIP  and  excellent  cellular  coverage,  it  discovered  that 
an  RF  antenna-based  broadband  backbone  best  suited  its  needs. 
Using  InnerWireless'  InnerMobile  RF  broadband  antenna  system, 
Mountain  States  Health  Alliance  has  built  an  in-building,  shared 
wireless  infrastructure  that  supports  a  host  of  voice  and  data  serv¬ 
ices,  including  a  Cisco-based  wireless  WAN.  Among  applications 
supported  over  the  wireless  infrastructure  are  bedside  records- 
checking,  PDA  and  wireless  guest-service  access  and  Citrix  serv¬ 
ices.  MHSA  has  invested  $2.4  million  in  the  six-hospital  rollout.  It 
expects  to  break  even  within  three  and  a  half  years. 

NOVARTIS 

•  project  lead:  Andreas  Wuchner-Bruehl,  head,  IT  security 
•  technology  focus:  Security  —  global  compliance 

his  Basel,  Switzerland,  pharmaceutical  company  has 
implemented  two  automated  security-management 
platforms  to  keep  its  global  infrastructure  safe  and  in 
compliance  with  the  Sarbanes-Oxley  Act  and  other  regula¬ 
tions.  The  platforms  discover  security  and  compliance  risks, 
assess  their  severity,  generate  role-based  reports  and  offer 
remediation  information.  For  external  risk  management, 
Novartis  uses  the  SeTraSys  tool  to  monitor  about  150  devices 
directly  connected  to  the  Internet.  IT  monitors  the  internal 
infrastructure  using  the  same  technology,  but  with  a  manage¬ 
ment  platform  called  Kaizen.  SeTraSys  and  Kaizen  are  based 
on  Qualys'  vulnerabihty-scanning  engine,  which  Novartis  has 
integrated  with  its  database  that  tracks  vulnerabilities  and 
details  about  networked  devices.  Novartis  not  only  gets  a 
current  view  of  its  security  posture,  but  also  can  compare 
changes  over  time.  Previously,  each  region  handled  security 
and  compliance  on  its  own. 

PARKVIEW  HEALTH  SYSTEMS 

•  project  lead:  Ron  Double,  director  of  technology  services 

•  technology  focus:  WAN  —  SONET  ring 


orried  about  losing  connectivity  as  you're  steaming  toward  the  Caribbean?  There’s 
no  problem  if  you  cruise  on  Carnival's  Valor,  the  first  100%  Wi-Fi-enabled  ship.  The 
Miami  cruise  line  has  outfitted  the  Valor  from  bow  to  stern  with  four  distinct  wireless 
LANs  —  the  corporate  data  network,  the  public  I-cafe  network,  the  crew  I-cafe  network  and  an 
802. 1 1  b/g  VoIP  network.  Wireless  VoIP  phones  are  especially  helpful  in  boosting  employee  pro¬ 
ductivity  Carnival  built  its  wireless  infrastructure  using  Cisco  Catalyst  switches  and  Cisco 
Aironet  access  points.  For  the  voice  telephony,  it  uses  Cisco  wireless  IP  phones,  Cisco  Call 
Manager  software  and  a  Siemens  PBX.  C-band  satellite  technology  carries  ship-to-shore  com- 
mmications.  Carnival  says  it  cost  $700,000  to  build  the  wireless  infrastructure,  with  an  expected 
ROI  of  $725,000  the  first  year  and  $2.5  million  in  year  three. 


A  SONET  ring  is  boosting  this  Fort  Wayne,  Ind.,  healthcare 
network's  WAN  bandwidth  by  300%  to  400%,  thus 
enabling  it  to  realize  its  grand  goal  of  creating  a  virtual 
intensive-care  unit  serving  60  beds  at  seven  hospitals.  Parkview 
also  will  be  able  to  transmit  larger  diagnostic  studies,  in  some 
cases  reducing  the  time  to  deliver  MRI  and  other  test  results  from 
days  to  hours.  The  ring  includes  five  OC-48  and  three  Gigabit 
Ethernet  nodes.  Parkview,  which  uses  Verizon's  Enhanced 
Dedicated  SONET  Ring  service,  pegs  project  costs  at  $4.5  million 
over  five  years,  or  just  $1 ,000  more  per  month  than  ATM. 
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BroadbandAccess  X 
now  af  a  greaf  pr/ce  of 

$59" 

monthly  access 


Offer  valid  on  2-year  Customer  Agreement  with  qualifying  voice  plan 


•  Wi-Fi  hotspots  only  work  in  limited  locations,  while  BroadbandAccess  works  in 
171  major  metropolitan  areas,  covering  over  1 40  million  people,  so  you  have  the 
freedom  to  work  where  it's  convenient  for  you. 

•  Unlike  Wi-Fi  hotspots,  BroadbandAccess  has  wide-area  coverage,  mobility  and  secure 
CDMA  technology,  and  is  the  nation's  largest  high-speed  wireless  broadband  network. 

•  Connect  to  the  Internet,  company  intranet,  or  email  and  download  critical  information 
and  access  business  applications  at  average  speeds  between  400-700  kbps. 


BroadbandAccess-only  from  Verizon  Wireless. 


Teamed 

with 


o 

Lucent 


Call  our  business  reps  at  1 .800.VZW.4BIZ  or  go  to  verizonwireless.com 


VGtl7Pn  wire  less 


Our  surcharges  find.  2.13%  Federal  Universal  Service  (varies  quarterly),  5e  Regulatory  &  400  Administrative  charge/line/mo.,  &  others  by  area)  are  not  taxes  (details:  1  -888-684-1888);  gov't  taxes  and  our  surcharges  could  add  6%-35%  to  your  bill.  Activation  fee:  $35/!ins. 
IMPORTANT  CONSUMER  INFORMATION:  Subject  to  Customer  Agreement,  Calling  Plan  &  credit  approval.  $175  termination  fee,  other  charges  &  restrictions.  Requires  compatible  PC  card  (purchased  separately).  Offers,  coverage  &  service  not  available  everywhere  Spec- 
claim  based  on  our  network  tests  with  5MB  FTP  data  files,  without  compression.  Actual  speeds  and  coverage  vary.  Coverage  limitations  &  maps  at  www.verizonwireless.com.  Limited  time  offer. 
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anufacturingAll-Stars 


Manufacturers  continue  to  push  the  boundaries 
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:  gV  ^  of  the  extended  enterprise.  As  these  five  winners 
.  show,  they  are  establishing  real-time  connections 

through  hefty  3-D  modeling  applications,  collab¬ 
oration  tools,  sophisticated  online  parts  catalogs 


or  secure  wireless  networks. 


MANUFACTURING 


QuickStats 

★  MEDIAN  PROJECT  DURATION: 

18  months. 

★  MEDIAN  PROJECT  BUDGET: 

$166,500. 

★  noteworthy:  Manufacturing 
winners  ’  three-year  ROI  range 
from  225%  to  almost  2000%. 


>  Mark  Heindselman.  manager  of  knowledge 
network  and  information  services,  Emerson 


BITS 

Emerson  Process  Management 
bridges  the  gap  between  40,000 


users  on  three  continents  with  a 
highly  collaborative  extranet. 

-By  SUSAN  SCHAIBLY- 

Emerson  Process  Management,  a  global  supplier  of  factory  automation 
equipment  and  optimization  services,  is  an  expert  at  making  things  work 
better.  Its  Enterprise  All-Star  project,  an  example  of  the  extended  enter¬ 
prise,  is  a  case  in  point.  Spread  across  more  than  600  locations  in  85  countries,  the 
company  uses  the  latest  in  collaboration  and  content  management  technology  to 
span  company  boundaries,  connecting  its  remote  design  engineers,  suppliers,  man¬ 
ufacturing  partners,  marketing  teams  and  customers.  As  a  result,  Emerson  saves 
$20,000  per  year  for  each  supplier  extranet,  enabling  a  three-year  ROI  and  net  sav¬ 
ings  of  more  than  $550,000. 

Mark  Heindselman,  manager  of  knowledge  network  and  information  services  at 
Emerson,  launched  the  platform  in  1998,  the  nascent  days  of  content  management, 
by  implementing  Stellent’s  Universal  Content  Management  software.  Since  then,  the 
system  has  undergone  continuing  enhancements  to  become  a  complete  collabora¬ 


tion  platform  for  Emersons  40,000  users  —  including  customers,  employees  and 


suppliers  —  who  require  access  to  product  information.The  crowning  achievement 
of  its  extended  enterprise  occurred  earlier  this  year  when  Emerson  released  its  first 
product  that  was  wholly  designed  within  the  Stellent  system. 

Content  management  in  action 


The  Universal  Content  Management  platform  was  fully  leveraged  for  the  launch  of 


the  GX  Control  Valve,  a  product  of  Emersons  Fisher  division.  The  valve’s  design 


process  began  in  2002, and  the  valve  was  introduced  to  the  market  early  in  2005.The 
development  teams  capitalized  on  the  system’s  unified  collaboration,  document 
control  and  Web  content  management  capabilities. 

Five  design  teams  in  four  countries  were  involved  in  the  initial  stages  of  the  GX 
Control  Valve  project.  In  the  past,  multiple  engineering  departments  would  e-mail  or 
mail  drawings,  specifications  and  supporting  documents  to  all  necessary  parties, 
Heindselman  says. Version  control,  workflow,  document  access  and  productivity  were 
all  suffering. “It  just  wasn’t  effective,”  he  recounts. 

The  Stellent  system  was  a  virtual  revolution  in  the  way  Emerson  designs  and  manu- 
lures  products.  Using  the  system  required  several  steps.  First,  Emerson’s  design 
teams  used  Stellent  as  a  Web-based, common  repository  for  product  design  specifica¬ 
tions,  competitive  data  and  other  critical  information.  Every  time  a  document  was 


— i  i 


revised,  team  members  received  an  e-mail  notification,  enabling  immediate  collabora¬ 
tion  and  feedback. 

Once  the  valve  was  designed  and  specifications  were  in  place,  Emerson  faced  one  of 
the  core  challenges  of  the  extended  enterprise  —  the  ever-increasing  access  by  outside 
partners  to  internal  resources.“We  needed  a  way  to  collaborate  with  the  suppliers  with¬ 
out  having  them  inside  our  firewall,"  Heindselman  says. The  company  also  wanted  to 
avoid  duplicating  its  data  onto  extra  servers  and  incurring  the  associated  capital,  oper¬ 
ational  and  licensing  costs. 

See  Manufacturing,  page  80 


With  shrinking  backup,  recovery  and  archive  windows,  most  IT  Professionals  protect  their  data  after  normal 
business  hours  and  on  weekends  -  the  times  when  you  would  rather  not  sit  around  watching  a  tape  library. 
Our  PX500  Series  redefines  value  in  rackmount  tape  automation  with  enterprise-class  features,  high  density 
and  market-leading  investment  protection.  And  our  superior  performance,  reliability  and  support  allow  you 
to  have  a  normal  life  -  with  vacations.  To  find  out  how  Quantum's  got  you  covered  with  our  new  PX500  Series, 
call  866-827-1500  or  visit  us  at  www.quantum.com.  Ui.TK|Ujy  ®r 


Quantum 


BACKUR  RECOVERY.  ARCHIVE.  ITS  WHAT  WE  DO." 


£2005  Quantum  is  a  trademark  of  Quantum  Corporation  in  the  United  States  and  other  countries.  All  other  trademarks  are  the  property  of  their  respective  companies. 
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lie  solution  was  a  Stellent-based  extranet, which 
i  enabled  Emerson  to  get  critical  information  to 
suppliers  while  maintaining  its  own  system’s 
integrity  and  security  The  drawings  and  manufac¬ 
turing  specifications  were  uploaded  to  the  Stellent 
Content  Server,  which  served  as  a  repository  for  all 
content,  regardless  of  type.  Emerson  personnel 
then  used  three-digit  meta-data  codes  to  control 
distribution  of  the  document.“We  can  put  a  single 
piece  of  content  out  on  the  extranet,  but  it  can 
have  multiple  distribution  codes.  That’s  the  cool 
part,”  Heindselman  says. 

Two  supplier  extranets  were  created  for  the  valve 
project.  The  first,  took  about  18  days  to  create.  Ex¬ 
perience  shortened  the  time  frame  for  the  second 
to  just  four  days.  Heindselman  estimates  that  the 
company  saves  $20,000  per  year  per  supplier  in 
paper-handling  costs.  Increased  employee  and 
partner  productivity  are  harder  to  calculate,  but  he 
says  the  GX  Control  Valve  was  brought  to  market 
months  faster  and  at  less  expense  than  his  most 
optimistic  colleagues  expected. 

The  investments  by  Emerson  were  reasonable  on 
all  fronts,  Heindselman  says.  The  company  paid 
$500,000  for  the  Stellent  system,  which  was  de¬ 
ployed  over  an  existing  IT  infrastructure  and  re¬ 
quired  minimal  IT  personnel  resources.  “On  our 
end,  it’s  run  by  end  users,”  he  says.  One  full-time 
technician  works  on  back-end  support  and  appli¬ 
cation  development,  and  a  few  other  users  con¬ 
tribute  to  the  ongoing  integration  of  the  Stellent 
system,  which  is  used  companywide  with  more 
than  150  business  applications.  About  600  employ¬ 
ees  contribute  content  to  the  server,  which  em¬ 
ployees,  partners  and  customers  worldwide  access 
through  various  portals.  Emerson  estimates  that  it 
has  accumulated  cost  savings  of  $3.7  million, 
much  of  that  in  printing,  shipping  and  distribution 
of  millions  of  pieces  of  paper  each  year. 

Onsite,  the  software  runs  on  an  HP  DL360  G3 
server  with  2G  bytes  of  RAM  and  dual  2.8-GHz 
Xeon  processors.  The  server  is  connected  to  a 
Xiotech  XAN,  where  it  uses  150G  bytes  of  storage. 

Heindselman  isn't  afraid  to  wax  poetic  about  the 
new  way  his  company  handles  information.“I  see  it 
as  a  core  technology  that  needs  to  be  in  most  or¬ 
ganizations,”  he  says,  emphasizing  that  it  enables 
the  collaboration,  immediacy,  productivity  and 
adaptability  that  his  extended  enterprise  demands. 

Emerson  plans  to  roll  out  10  new  supplier  extra- 
nets  over  the  next  two  years.  Employees  will  be 
more  productive,  information  distribution  will  flow 
smoothly  and  some  trees  may  be  saved,  too.  Asked 
whether  he  has  created  the  paperless  office,  Heind¬ 
selman  can’t  resist  a  chuckle.“We  still  have  paper,” 
he  says, “lots  of  paper.” 

At  least  now,  everyone  is  on  the  same  page. 

.V  naibty  is  a  freelance  writer  in  Fort  Collins,  Colo. 
Si'<  an  be  reached  at  sschaibly@aol.com 
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GOODRICH  AEROSTRUCTURES 

•  project  lead:  John  Ortiz,  business  adviser 

•  technology  focus:  E<ommerce  —  online  parts  catalog 

oodrich  Aerostructures,  a  leading  supplier  of  structural  aircraft  components,  lives  and  dies  with  its  illus¬ 
trated  parts  catalog.  Thousands  of  technicians  at  650  customer  locations  worldwide  use  the  catalogs  as 
vital  sources  of  product  information.  This  project,  which  saved  $1.5  million  in  production  costs  in  the  first 
year,  brought  the  production  and  distribution  of  those  catalogs  in-house.  Previously  the  Chula  Vista,  Calif.,  company 
sent  raw  data  to  an  outside  catalog  producer,  which  took  about  six  months  to  compile  the  information  into  catalogs. 
Now  it  offers  customers  Web  access  to  state-of-the-art  illustrated  parts  catalogs  that  pull  information  in  real  time 
from  Goodrich's  internal  content  repositories.  Customers  get  up-to-date  information  they  can  use  to  order  replace¬ 
ment  parts  and  components  with  speed  and  accuracy  Using  Enigma's  3C  Platform,  the  company  built  dynamic 
catalogs  supporting  50  aircraft  programs.  Goodrich  achieved  ROI  on  this  multiyear,  $640,000  project  in  just  six 
months  while  improving  efficiency  and  providing  better  customer  service. 

LOCKHEED  MARTIN 

•  project  lead:  Jasyn  Voshell,  wireless  LAN  security  director 

•  technology  focus:  Wireless  —  WLAN  security 

iven  the  classified  military  information  riding  over  its  network,  information  security  is  a  top  priority  for  this 
Bethesda,  Md.,  defense  contractor.  The  company's  aeronautics  business,  for  example,  occurs  in  150 
buildings  spread  over  three  states.  Hundreds  of  contractors  and  30,000  employees,  many  of  them  toting 
wireless-enabled  laptops,  roam  the  facilities.  Security  officers  knew  they  had  to  find  a  way  to  eliminate  unautho¬ 
rized  wireless  networks  from  the  company’s  air  domain  and  to  keep  legitimate  access  points  compliant  with  secu¬ 
rity  policies.  The  security  team  also  wanted  real-time  alerts  on  security  breaches  and  policy  violations  and  central¬ 
ized  access-point  management.  It  found  the  answer  in  the  AirDefense  Enterprise  intrusion-detection  system,  which 
now  monitors  the  campus  airwaves  —  with  marked  results.  Within  the  first  six  months  of  deployment,  Lockheed 
discovered  nearly  two  dozen  rogue  access  points,  a  battery  of  contractors  either  setting  up  or  probing  to  find 
WLANs  and  a  host  of  ad-hoc  networks  being  created  to  swap  classified  data.  In  addition,  the  AirDefense  system 
helped  identify  and  stop  two  off-campus  attacks.  Besides  improved  security  business  benefits  include  reduced 
costs  and  improved  productivity  and  efficiency  For  example,  Lockheed  attributes  a  two-month  decrease  in  the  time 
it  takes  to  build  a  fighter  jet  to  its  use  of  wireless  electronic  work  instruction  carts  for  storing  blueprints. 

NATIONAL  INSTRUMENTS 

•  project  lead:  Brett  Childress,  director  of  IT  infrastructure 

•  technology  focus:  Security  —  appliance-based  anti-virus  protection 

peratmg  in  more  than  40  countries,  this  instrumentation  vendor's  3,500  employees  use  a  variety  of  desk¬ 
top  operating  systems  —  Linux,  MacOS,  Solaris  and  Windows  variants.  Keeping  all  systems  up-to-date 
and  properly  configured  was  difficult,  even  with  an  active  patch  management  program  and  anti-virus  pro¬ 
tection.  IT  solved  National  Instruments’  (Nl)  problem  by  deploying  agentless  security  appliances  that  use  a  behav¬ 
ior-based  monitoring  technique  to  stop  worms  that  get  past  other  defensive  layers.  Once  the  appliance  —  Mirage 
Network's  CounterPoint  —  identifies  an  infected  machine,  it  instantly  removes  the  computer  from  the  network  so 
the  worm  cannot  propagate.  The  appliance  notifies  the  help  desk,  which  works  with  the  employee  to  clean  and 
update  the  machine.  This  year,  since  rolling  out  CounterPoint  to  the  corporate  campus  in  Austin,  Texas,  and  seven 
international  branches,  the  appliance  has  spotted  four  worms  that  had  sneaked  past  outer  security  layers.  NI  spent 
$175,000  on  hardware  and  maintenance  to  cover  the  Austin  campus  and  seven  other  sites.  Over  three  years,  IT  esti¬ 
mates  it  will  save  between  $234,000  and  $390,000  in  IT  response  costs  and  lost  productivity  because  of  worms. 

NOOK  INDUSTRIES 

•  project  lead:  Christopher  Nook,  vice  president 

•  technology  focus:  E-commerce  —  3-D  online  modeling 

magine  the  configuration  nightmare  when  customized  products  —  screw  jacks,  for  example  —  have 
45,000  basic  configurations  and  millions  of  potential  combinations.  That’s  the  challenge  that  led  Nook, 
which  makes  linear  motion  components,  to  a  next-generation  Web  tool  that  lets  customers  configure  and 
download  CAD  models  of  its  products  instantaneously  —  and  then  easily  and  quickly  reconfigure  and  down¬ 
load  again  to  make  sure  they  get  the  exact  configurations  needed.  The  Cleveland  company  built  its  online  cata¬ 
log  using  3D  PartStream.NET  from  SolidWorks  in  a  project  budgeted  at  slightly  more  than  $150,000.  Previously, 
Nook  handled  requests  for  3-D  models  manually,  through  a  process  that  took  about  one  week. 


NETWORK  MANAGEMENT  POWERFUL 
ENOUGH  TO  DO  EVERYTHING 

IS  TOO  COMPLEX  TO  DO  ANYTHING. 

Don’t  get  stuck  with  more  than  you’ll  ever  use  and  less  than  you  need. 
Ipswitch  WhatsUp®  Professional  is  designed  specifically  for  small-  and 
medium-sized  businesses.  So  you  get  essential  network  management 
without  high  administrative  costs  and  effort.  Featuring  comprehensive 
alerts,  automatic  device  mapping,  detailed  trend  reports  and  secure 
remote  access  -  it’s  a  smarter  solution,  instead  of  a  bigger  one. 


Ipswitch  WhatsUp  Professional. 
It  just  works. 


TRANSPORTATION 


QuickStats 


★  Median  project  duration: 

24  months. 


★  Median  project  budget: 

$ 3.9  million. 


★  Noteworthy:  Winners  collec 
lively  expect  to  save  almost 
$35  million  in  three  years. 


The  long  road 

The  Race  development  project  got  under  way  four  years  ago,  as  DCS  set  out 
to  remedy  problems  arising  from  business  processes  instituted  long  ago. 

In  the  1990s,  the  DCS  unit  spurred  exponential  growth  at  J.B.  Hunt  by  cus- 
>ing  applications  to  address  each  customers  requirements  for  payroll, 

See  Transportation,  page  85 


-By  SANDRA  GITTLEN- 

Plan  for  common,  not  unique,  requirements.  That  advice,  from 
Tracy  Black,  vice  president  of  application  development  at  J.B. 
Hunt  Transport,  could  save  you  millions. 

Black  and  the  application  development  team  at  J.B.  Hunt’s  Dedicated 
Contract  Services  (DCS)  unit  came  to  this  realization  the  hard  way  The  team 
went  through  many  ups  and  downs  in  a  four-year,  $6.4  million  application 
development  project  aimed  at  addressing  a  serious  problem  within  DCS  — 
overly  complex,  decentralized  account  management.  So  arduous  was  the 
project, dubbed  the  Pace  system,  that  DCS  nearly  scrapped  it. 

But  persistence  paid  off.Today.DCS  projects  a  $30  million, three-year  ROI  for 
Pace.  And  Pace  has  morphed  from  a  custom-coding  project  to  a  flexible, 
componentized  Web  services-based  system  that  gives  field  managers  and 
customers  account  access  anytime,  from  anywhere. 

DCS  used  the  Java  2  Platform  Enterprise  Edition  framework  to  build  Pace, 
which  runs  on  a  series  of  BEA  Systems’WebLogic  application  servers. A  rules 
engine  from  iLog  allows  DCS  to  address  unique  contract  parameters.  Using 
the  rules  engine,  field  managers  can  easily  create  and  manage  individual 
accounts.  And  once  DCS  develops  a  rule,  it  can  use  it  for  other  accounts, 
Black  says. 

J.B.  Hunt  earns  distinction  as  a  2005  Enterprise  All-Star  for  its  dedication  to 
get  this  project  right  —  and  the  cost  savings  and  business  flexibility’  the  com¬ 
pany  gains  as  a  result.Via  Pace, for  example, the  financial  and  operations  teams 
receive  alerts  on  deviations  in  driver  pay  and  customer  billing  from  negotiat¬ 
ed  contracts  and  act  quickly  to  resolve  issues. 

“In  the  past  these  deviations  might  have  gone  unnoticed  for  years,” says  Kay 
Palmer, CIO  at  the  Lowell,  Ark.,  trucking  company. 
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JT  Projects  that  ease  the  burden  of  regulation,  whether 
NbHKk'  J  by  organizing  a  trainload  of  paperwork  or  assisting 
"  k  with  compliance,  mark  the  leading  edge  of  the  trans- 
.  portation  industry  These  Enterprise  All-Star  winners 
have  successfully  integrated  new  technologies  into 
>  ^ ;  '  -  complex  environments  while  saving  their  companies 
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lie  road 
J.B.  Hunt 

This  winner  revs  up  with  a  flexible  application 
architecture  that  is  expected  to  deliver  $30  million 
in  savings  over  three  years. 


DEVICES 

MOBILIZING  APPLICATIONS 
WIRELESS  SECURITY 


www.interop.com/newyork 


Innovative  technology,  next-generation  business  strategy  and  new 
nsights  for  every  challenge  on  the  map. 


Network  World  readers  can  take  advantage  of  special  pricing  for 

Interop  New  York. 


Use  priority  code  MLEBNNOO  and  save  up  to  $300  off  any 
educational  offering  or  register  for  a  FREE  Exhibits  Only  Pass. 


Save  up  to  $300 

Enter  priority  code: 
MLEBNNOO 

www.interop.com/registration 
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A  hotel  in  Tokyo.  A  layover  in  London.  A  cafe  in  Sao  Paulo. 

Perfect  places  for  worms  and  spyware  to  find  their  way  to  your  business. 

Enter  the  Cisco  Self-Defending  Network  with  Network  Admission  Control. 
It  adapts  to  new  breeds  of  threats  as  they  are  hatched  and  stops  attacks 
before  they  do  harm.  Automatically.  Proactively.  Instinctively. 

Learn  how  self-defending  networks  are  securing  business  at 
cisco.com/poweredby. 
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Transportation  continued  from  page  82 

billing  and  management.  “Each  customer  had  a  unique  busi¬ 
ness  model, and  we  thought  that  required  different  and  dynam¬ 
ic  applications,”  says  Richie  Henderson,  vice  president  of  mar¬ 
keting  strategy  and  administration  for  DCS. 

While  the  customization  program  boosted  J.B.  Hunt’s  market 
share,  creating  dozens  of  new  accounts,  it  eventually  took  a  toll 
on  the  IT  group.  By  the  late  1990s,  IT  had  to  manage  and  update 
more  than  150  remote  PC-based  accounting  systems.“We  start¬ 
ed  to  have  problems  controlling  this  decentralized  environ¬ 
ment  —  it  was  no  longer  cost-effective,”  Henderson  says. 

The  company’s  bottom  line  also  suffered.“We  have  a  saying  in 
our  industry ‘Pay  as  you  bill,  bill  as  you  pay  With  all  this  com¬ 
plexity  our  payments  and  invoicing  were  getting  out  of  synch. 
We  lost  the  integrity  of  our  financial  model,”  he  says.DCS  knew  it 
needed  to  streamline  and  centralize  account  management,  but 
its  initial  attempts  to  do  so,  around  the  year  2000,  met  with  dis¬ 
aster.  He  admits  technology  enamored  the  team. “We  overbuilt,” 
he  says. “We  tried  to  build  Pace  for  the  most  complex  situation 
—  like  trying  to  build  a  rocket  ship  to  Mars  right  out  of  the  gate.” 

Developers  also  faced  resistance  from  DCS  field  managers, 
who  wanted  to  keep  the  uniqueness  of  accounts  and  wanted 
every  feature  included  in  the  new  application. “The  field  want¬ 
ed  to  be  able  to  change  parameters  on  the  fly,  and  the  archi¬ 
tecture  was  just  growing  too  complicated,”  Henderson 
says.Because  the  project  had  spun  out  of  control,  J.B.  Hunt’s 
executive  management  team  was  on  the  verge  of  canceling  it. 
The  company  had  spent  millions  of  dollars,  with  virtually  noth¬ 
ing  to  show  for  it,  and  “there  was  lost  confidence  among  key 
executives,”  Palmer  says. 

In  2001,  attempts  to  save  the  project  by  outsourcing  it  com¬ 
pounded  the  problem. “We  quickly  became  disillusioned  with 
what  the  service  provider  was  offering,”  Palmer  says,  and  the 
project  was  brought  back  in-house.  However,  working  with  the 


outsourcer  made  DCS  realize  core  weaknesses  within  the  team 
—  it  lacked  knowledge  of  Java  and  rules-based  logic.  After 
bringing  in  a  new  project  leader  with  these  skills  and  educating 
project  members,  the  team  then  switched  gears  and  changed 
its  expectations  for  the  Pace  system. 

“Our  turning  point  was  looking  at  each  account  for  its  base 
requirements,  not  its  unique  requirements,”  Black  says. 

The  team  created  a  matrix  of  all  the  account  features  and 
then  began  to  plan  a  rules-based  system  that  accounted  for  the 
commonalties  that  saved  time  and  money  on  application 
development.  Using  XML,  the  team  integrated  Pace  with  J.B. 
Hunt’s  MQSeries  databases  and  PeopleSoft  ERP  application 
and  built  the  Web  component  that  enabled  anytime,  anywhere 
access  with  dedicated  high-speed  lines. 

The  result  launched  in  2004  —  and  business  units  began  reap¬ 
ing  the  benefits  immediately  Besides  the  financial  and  opera¬ 
tions  teams,  for  instance,  account  managers  use  the  system  to 
improve  performance.  Account  managers  at  remote  sites  can 
enter  driver  activity  information  and  produce  weekly  driver  pay 
reports,  customer  invoicing  and  customer  performance  reports. 
Customers  are  noticing  a  difference,  Palmer  says.  “We ’re  gener¬ 
ating  more  accurate  and  timely  invoicing  for  them  and  offering 
reporting  functionality”  and  Web  account  access,  she  says. 

Drivers  also  are  benefiting.  They  can  use  their  in-cab  units  to 
transmit  data  via  satellite  or  cellular  connections  into  the  Pace 
system.  And  the  centralized  system  helps  J.B.  Hunt  comply  with 
the  Sarbanes-Oxley  Act.  It  gives  compliance  managers  the  con¬ 
trols  they  need  to  monitor  account  activity  Henderson  says. 

Palmer  says  she  is  hoping  Pace  will  have  a  tremendous  affect 
on  all  J.B.  Hunt  business  units.“We  can  have  better  decision  sup¬ 
port  and  quickly  identify  inefficiencies,” she  says.“This  will  drive 
down  costs  overall.” 

Gittlen  is  a  technology  editor  in  Northboro,  Mass.  She  can  be 
reached  at  sgittlen@charter.net. 
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Railway 

•  project  lead:  Jeffrey  Campbell,  vice  president 
of  technology  services  and  CIO 

•  technology  focus:  Convergence  —  VoIP 

This  Fort  Worth,  Texas,  rail  operator  recently  rolled 
out  the  first  of  what  it  expects  to  be  many  mission- 
critical  voice  applications.  The  Voice  Train  Reporting 
application,  which  runs  on  network  servers,  allows  locomo¬ 
tive  conductors  to  radio  or  use  cell  phones  to  report  pickup 
and  delivery  of  freight  car  shipments.  The  application  con¬ 
verts  those  calls  into  data,  which  is  then  fed  into  BNSF’s 
Transportation  Support  System  (TSS).  Employees  and  cus¬ 
tomers  have  near-real-time  access,  too.  Previously  railroad 
crew  would  mark  up  paperwork  orders  throughout  the  day 
submitting  those  to  a  data-entry  clerk  at  the  end  of  a  shift. 
The  new  application  uses  speech-recognition  and  speaker- 
verification  software  from  Nuance  Communications,  an  inter¬ 
active  voice  response  system  built  on  Intervoice's  Omvia 
Voice  Framework  and  customized  interfaces.  BNSF  has 
invested  approximately  $1.5  million  in  these  voice  develop¬ 
ments,  and  expects  to  realize  a  one-year  ROI  of  105%  and  a 
three-year  ROI  of  115%. 


J.B.  Hunt  Transport 

•  project  lead:  Heather  Moore, 
business  systems  analyst 

•  technology  focus:  Applications  — 
remote  imaging 

Besides  the  multimillion-dollar  Pace  system,  J.B. 

Hunt  Tansport  has  a  notable  project  underway  to 
automate  the  processing  of  shipping  documents. 
Previously,  drivers  dropped  off  their  documents  at  desig¬ 
nated  locations  across  the  country  from  which  couriers 
brought  them  to  headquarters  in  Lowell,  Ark.  Scanning, 
indexing  and  storage  involved  13  people  and  took  seven 
to  10  days,  says  Heather  Moore,  business  systems  ana¬ 
lyst  at  J.B.  Hunt.  Today  drivers  send  their  documents  digi¬ 
tally  using  Transflo  scanning  stations  at  hundreds  of  pub¬ 
lic  truck  stops  and  Tansflo  automatically  indexes  and 
stores  them.  Within  60  days  of  implementing  the  Tansflo 
document  management  system  from  Pegasus  TansTech, 
the  company  saw  a  40%  reduction  in  the  staff  needed  to 
process  the  documents,  Moore  says.  The  project 
decreased  unbilled  revenue  by  50%,  with  fewer  lost  doc¬ 
uments. 
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the  service, 
this  logo  will 
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Make  sure  you  get  the 
latest  in  network  services 

by  looking  for  the 
Cisco  Powered  logo.  From 
managed  business  voice  to 
managed  security  and  virtual 
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Companies  in  this  segment  span  a  variety  of  vertical 
y  ' '  markets,  such  as  media  and  energy  Like  the  other 

winners,  these  six  companies  demonstrate  how  cut- 
If  ,  •  V ,  „  ting-edge  technology  is  altering  business.  A  new  data 
Ay.  warehouse  or  converged  network  is  not  only  a  faster 

way  to  accomplish  a,  task  but  offers  the  means  for 
o.  i  ••  new  and  better  business  processes. 
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Weather  Underground  uses  Linux  clusters  and  low-cost 
bandwidth  to  keep  from  being  pelted  by  traffic  storms. 


~  By  JENNIFER  MEARS- 

For  storm  chasers,  the  excitement  is  in  facing  Mother  Natures  wrath  and  coming  out  unscathed.The  paradigm  is  similar 
for  the  IT  team  at  Weather  Underground,  a  Web-based  weather  service  that  experiences  internal  storms  whenever  bad 
conditions  hit.  For  example,  the  number  of  page  views  on  Weather  Underground  topped  more  than  14  million  —  triple 
the  average  —  on  Aug.  29,  the  day  Katrina  hit  New  Orleans.  With  users  requesting  animated  radar  maps  that  can  be  as  large  as 
8<X)K  bytes,  bandwidth  requirements  surged  to  more  than  five  times  the  average, says  Chris  Schwerzler,  IT  operations  manager 
at  the  San  Francisco  company 

To  survive  such  traffic  storms,  the  IT  team  devised  a  flexible  infrastructure  that  can  scale  easily  and  deliver  cost-effective 
iwidth-intensive  data  as  needed.  Computing  clusters  built  out  of  low-end,  Intel-based  servers  running  Linux  give  the 
A  ath'.-r  Underground  processing  oomph,  while  connectivity  from  Cogent  provides  big  bandwidth  at  reasonable  cost. Without 
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QuickStats 

★  MEDIAN  PROJECT  DURATION: 

Seven  months. 

★  MEDIAN  PROJECT  BUDGET: 

$282,500. 

★  noteworthy:  Project  budg¬ 
ets  in  this  category  ranged 
from  $100,000  to  $2  million. 


this  infrastructure,  Weather  Underground 
would  not  be  able  to  deliver  high-quality 
weather  content  and  still  be  profitable, 
Schwerzler  says. 

“It  would  be  hard  to  advertise  and  break 
even  for  the  cost  of  the  bandwidth,"  he  says. 

Weather  Undergrounds  efforts  to  create  an 
inexpensive,  scalable  infrastructure  to  deliver 
weather  data  via  the  Web  began  in  early  2000, 
coincident  with  a  National  Weather  Service 
(NWS)  policy  change.  Rather  than  restricting 
availability  of  that  information  to  a  few  com¬ 
panies  through  private  contracts,  the  NWS 
made  the  data  widely  accessible.  “There  was 
suddenly  the  availability  of  a  lot  of  interesting 
radar  data,  and  it  was  our  project  to  develop 
an  infrastructure  that  could  scale  and  bring 
that  data  to  a  large  number  of  end  users,” 
Schwerzler  says. 

With  this  2005  Enterprise  All-Star  Award, 
Weather  Underground  earns  recognition  for 
creatively  using  network  technology  to  capi¬ 
talize  on  a  new  business  opportunity. 

From  the  sky  to  the  Web 

To  take  advantage  of  the  newly  available 
weather  data,  Weather  Underground  installed 
a  large  satellite  dish  at  its  headquarters  in  San 
Francisco.  The  dish  receives  weather  data 
retransmitted  by  the  National  Oceanic  and 
Atmospheric  Administration  from  144  NWS 
field  offices.  It  uses  the  Digital  Video  Broad¬ 
cast-Satellite  standard  to  convert  the  satellite 
data  into  packets,  which  travel  via  fiber  to  the 
Linux  clusters  running  in  the  company’s  data 
center,  also  in  San  Francisco.  Weather  Under¬ 
ground  uses  the  User  Datagram  Protocol  to 
broadcast  the  data  to  what  Schwerzler  calls 
radar  servers. 

“There  you  have  a  very  raw  product  sitting 
on  the  machines,”  he  says. 

When  a  user  requests  a  weather  map,  for 
example,  a  custom  application  running  on 
an  Apache  Web  server  packages  the  raw 
data  and  sends  it  out  via  the  Cogent  net¬ 
work  in  a  customized  form  the  user  can 
understand. 
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Because  it  sends  the  raw  data  to  the  end  nodes  in 
the  cluster  for  packaging,  rather  than  packaging  the 
data  before  it  receives  a  request,  Weather 
Underground  can  deliver  weather  information  faster 
than  the  NWS,  Schwerzler  says. 

“If  you  sit  side-by-side  with  its  radar  and  our  radar 
and  hit  reload  on  both,  you’ll  see  ours  will  update 
sometimes  30  seconds  before  theirs,”  he  says. 

Schwerzler  wouldn’t  specify  the  number  of  clus¬ 
ters  at  Weather  Underground  but  says  each  cluster 
ranges  in  size  from  eight  to  40  servers, and  hundreds 
of  servers  are  in  operation.  Gigabit  over  copper  pro¬ 
vides  connectivity  for  the  clustered  servers.  The 
majority  of  the  servers  are  in  a  Weather 
Underground  data  center,  although  the  company 
recently  began  collocating  some  servers  and  con¬ 
necting  them  to  its  data  center  via  fiber. 


No  slacking  off 

Standardizing  on  Linux  wasn’t  a  big  leap,  as 
Schwerzler  and  his  team  had  worked  with  Unix  while 
at  the  University  of  Michigan  (U-M).Plus,a  free  operat¬ 
ing  system  made  sense  for  a  non-funded,  private  com¬ 
pany  running  on  a  tight  budget. 

“Linux  has  appeal  since  you  can  replicate  it  100,200 
times  and  not  have  to  pay  additional  site  licenses,” 
Schwerzler  says.Tlus, you  have  the  ability  to  tweak  and 
tune  at  the  finest  levels  that  you  can’t  really  do  with 
some  of  the  other  flavors  of  Unix.” 

Weather  Underground  uses  a  trimmed-down  version 
of  Slackware,  one  of  the  only  distributions  of  Linux 
available  in  the  mid-1990s  when  Schwerzler  was  at  U-M. 
In  addition, the  servers  have  no  hard  drives  and  support 
Preboot  Execution  Environment  boot,  which  means 
they  are  configurable  and  deployable  via  the  network. 
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With  that  setup, Weather  Underground  can  easily  add 
and  retask  servers  as  needed, Schwerlzer  says. 

“We  can  say  ‘OK,  you’re  no  longer  a  radar  server; 
you’re  now  a  frontline  Web  server,  or  you’re  now  serving 
our  icons,’  and  reboot  the  machine,  and  30  seconds 
later  you  have  a  new  setup,”  he  says. 

When  Katrina  hit,  for  example,  the  IT  team  quickly 
brought  on  48  RackLogic  servers  it  had  on  hand. 

“We  couldn’t  possibly  have  gotten  the  servers  up  that 
we  needed  to  handle  the  [Katrina]  demand  if  we  had¬ 
n’t  devised  this  system  of  being  able  to  quickly  repli¬ 
cate  our  servers,” Schwerzler  says.“We  basically  take  the 
machines  as  they  are  delivered  to  us,  screw  them  into 
the  rack,  cable  them  and  turn  them  on  with  a  little  bit 
of  configuration. They’re  up  in  30  seconds.” 

Thanks  to  the  additional  nodes,  Weather  Under¬ 
ground  handled  the  load  without  a  hitch. 
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•  project  lead:  Kyle  Ohme,  IT  director 

•  technology  focus:  Servers  —  automated  provisioning 

a  new  data  center-style  project,  this  Waite  Park,  Minn.,  provider  of 
downloadable  desktop  software  sought  a  way  to  handle  peak  server 
loads  without  overbuilding  the  infrastructure  needed  for  quieter  peri¬ 
ods.  In  addition,  it  wanted  to  be  able  to  repurpose  servers  on  the  fly  and  reduce  IT 
staff  time  needed  for  server  provisioning.  IT  selected  the  Ardence  Server  Edition 
server-management  tool,  which  enables  the  on-demand  streaming  of  Windows  from 
commodity  networked  storage.  When  IT  needs  to  reprovision  a  server,  it  uses  the 
Ardence  software  to  stream  the  operating  system  and  associated  applications  to  a 
blade  in  its  EBM  BladeCenter.  The  download  includes  just  enough  of  the  operating 
system  software  to  get  the  blade  executing;  additional  libraries  follow  when 
required  for  the  operation.  IT  can  now  provision  servers  in  five  minutes  vs.  the  previ¬ 
ous  five  hours  and  move  capacity  from  server  to  server,  and  has  quadrupled  pro¬ 
ductivity  Freeze.com  has  about  $1 ,750  per  blade  invested  in  this  model,  with  three 
fully  populated  blade  centers  and  two  more  in  staging.  This  model  has  enabled  IT  to 
reduce  at  least  two  full-time  server  administrator  positions  and  place  an  increased 
focus  on  issues  that  have  an  impact  on  the  bottom  line. 


INTELLIDYN 

•  project  lead:  Rajeev  Kumar,  technical  director 

•  technology  focus:  Servers  —  data  warehouse 


Wl  ith  a  $2  million  budget,  this  data  warehouse  provider  in  Hingham,  Mass. , 
migrated  from  a  mainframe-based,  vendor-specific  computing  infra¬ 
structure  to  a  scalable,  highly  available  and  reliable  open  architecture. 
Intellidyn  collocates  the  infrastructure,  which  is  powered  by  Sun  servers  running 
Solaris  8,  at  an  AT&T  data  center.  For  its  storage-area  network,  the  company  com¬ 
bines  Sun  and  Hitachi  Fibre  Channel  storage  arrays,  uses  StorageTek  tape  libraries 
and  handles  consolidation,  back-up  and  restore  capabilities  and  clustering  via  the 
Veritas  Foundation  software  suite.  SAS  provides  business-intelligence  tools. 

Intellidyn  expects  to  realize  a  685%  ROI  in  year  one  as  it  becomes  more  agile. 


RELIANT  ENERGY 

•  project  lead:  Courtney  Hebert,  manager,  internal  controls  effectiveness 

•  technology  focus:  Applications  —  SOX  compliance 


IN 
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ie  course  of  two  months,  this  Houston-based  electric  utility  ushered 
in  significant  process  improvements  and  increased  efficiencies 
through  implementation  of  a  technology  framework  for  document 


management  and  compliance  with  the  Sarbanese-Oxley  Act.  For  example,  Reliant 
has  reduced  time  spent  adding  up  spreadsheet  information  for  weekly  reports  from 
four  days  to  a  half  day  With  easy  report  customization,  building  reports  for  internal 
business  users  or  external  auditors  is  an  almost  instantaneous  process  compared 
with  the  couple  of  days  previously  required.  Sarbanese-Oxley  compliance,  which 
many  companies  still  must  conquer,  has  become  a  matter  of  course,  easily  and 
cost-effectively  met  through  the  new  framework,  provided  via  Stellent's  Sarbanes- 
Oxley  Solution.  The  framework  serves  as  the  foundation  of  the  company’s  new 
Reliant  Energy  Sarbanes-Oxley  Resource  Tool,  which  gives  the  compliance  team  an 
enterprise  view  of  the  company’s  internal  control  makeup  so  it  can  track  and  sched¬ 
ule  changes  based  on  business  proprieties.  The  project  cost  $1 10,000. 


•  project  lead:  Kevin  Gungiah,  director  of  systems  administration 

•  technology  focus:  Storage  —  tiered  storage 

Challenged  by  the  need  to  provide  value-added  services  while  reducing 
cost  of  ownership  and  improving  flexibility  the  Weather  Channel’s  IT  team 
crafted  next-generation  server  and  storage  infrastructures.  The  Atlanta- 
based  company  doubled  performance  by  migrating  applications  and  databases 
from  Unix  to  HP  Integrity  Linux  servers,  running  the  Red  Hat  operating  system.  In 
turn,  it  then  consolidated  servers.  By  implementing  tiered  storage,  using  Hitachi 
Lightning  and  Thunder  arrays,  the  company  recovered  more  than  30T  bytes  of  Tier 
One  storage  capacity  Tools  in  the  Veritas  Storage  Foundation  suite  enable  IT  to 
move  data  from  one  storage  tier  to  another.  The  Weather  Channel  estimates  it  has 
lowered  the  total  cost  of  server  ownership  by  90%  through  this  $315,000  project, 
saving  as  much  as  $1  million  on  hardware  and  software  maintenance,  and  saving 
another  $1  million  through  consolidation  in  the  Linux  environment.  In  addition,  it  has 
created  a  foundation  on  which  its  business  can  grow  with  value-added  services. 


UNITED  WAY  OF  THE  TEXAS  GULF  COAST 

•  project  lead:  Michael  Joplin,  vice  president  of  IT 

•  technology  focus:  Convergence  —  VoIP  network 


This  Houston  fund-raising  organization  carefully  watches  spending  but  knows 
that  scrimping  on  technology  doesn’t  make  for  good  business.  That's  why  IT 
knew  a  converged  voice  and  data  network  was  the  right  architectural  choice 
to  use  at  a  new  facility  With  its  Cisco  VoIP  system,  IT  estimates  saving  30%  on 
cabling  costs.  IT  also  distributed  Research  In  Motion's  BlackBerry  handheld 
devices,  which  integrate  with  the  VoIP  system  to  provide  employees  access  to  e- 
mail,  voice  mail,  faxes  and  calendars  wherever  they  are.  Staff  at  community  resource 
centers  also  have  gotten  a  boost  from  the  converged  network,  as  they  can  conduct 
low-cost  videoconferences  over  it.  United  Way  invested  $250,000  in  this  project  and 
expects  to  see  $120,000  in  savings  in  the  first  year  and  $200,000  by  year  three. 
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Compare  1&1  with  other  companies  and  you'll  see  that  not 
all  web  hosts  are  created  equal.  You  want  the  most  web 
for  your  money,  so  you  need  a  web  hosting  specialist.  1&1 
focuses  all  its  resources  on  bringing  you  the  most  complete 
hosting  packages  at  some  of  the  best  prices  in  the  industry. 


HOSTIN 

It's  official:  the  gloves  are  off!  With  4  million  customers 
and  more  than  a  decade  of  web  hosting  experience,  1&1 
stands  head-to-head  with  all  the  industry  heavyweights. 

Compare  for  yourself  and  see  why  1&1  is  the  world's 
#1  web  host. 


HERE'S  WHY  1&1  IS  THE  CLEAR  WINNER  IN  WEB  HOSTING 


Ki  Named  2004  Hosting 

Growth  Leader  by  Netcraft 

EH  World's  largest  web  host 
according  to  Netcraft 

More  than  5  million 
domains  and  4  million 
customers  worldwide 
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industry  experience 

Innovative  web 
applications 

200  in-house 
programmers 


El  Unsurpassed 
connectivity 

El  One-stop  shop  for  all 
your  website  needs 

24/7  toll-free  phone  & 
e-mail  support 

Netcraft  Ltd  -  www.netcraft.com 
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1&1  -  THE  BEST  HOSTING  PACKAGES 
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★  How  to  make  sure  you’re  not  a  flash  in  the  pan  but  rather  an 
All-Star  worth  remembering. 
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SIGN-OFF 


training, 

the  intensity  with  which  they  study  their  craft  and  their 
opponents,  devotion  to  honing  their  skills  and  an 
absolute  commitment  to  the  game.  Williams  was  per¬ 
haps  the  ultimate  student  of  baseball,  a  hitter  so  dom¬ 
inant  that  opposing  teams  devised  special  defensive 
formations  to  try  to  stop  him.  He  even  wrote  a  book 
for  future  batters  called  “The  Science  of  Hitting.” 

Why?  Williams  summed  it  up  when  he  said: “A  man 
has  to  have  goals  —  for  a  day,  for  a  lifetime  —  and  that 
was  mine,  to  have  people  say, ‘There  goes  Ted  Williams, 
the  greatest  hitter  who  ever  lived.’” 

The  same  holds  true  for  the  people  and  companies 


celebrated  in  this  inaugural  Enterprise  All- 
Star  Issue.  They  aren’t  one-hit  wonders 
basking  in  the  glory  of  a  single  project  or 
technology  implementation. They’ve  exe¬ 
cuted  long-term  strategies  centered  on 
changing  the  way  business  gets  done. 

That’s  what  it  takes  to  succeed  in  IT 
today 

There’s  no  shortage  of  technology  out 
there.  The  truth  is  that  companies  can’t 
absorb  all  the  new  products  and  services  that 
are  presented  to  them  daily  And  there  is  no 
shortage  of  problems  to  resolve  —  security, 
mobility,  compliance,  remote  office  network¬ 
ing.  That’s  just  a  subset  of  the  major  chal¬ 
lenges  IT  managers  face. 

The  only  way  to  deal  with  these  challenges 
and  to  make  a  difference  for  your  company 
is  to  take  a  disciplined,  long-term 
approach  to  IT,  one  that’s  based  on  a 
clear  understanding  of  your  compa¬ 
ny’s  needs  and  the  strengths  and 
weaknesses  of  your  systems.  Success 
requires  an  intense  focus  on  the 
future  and  a  commitment  to  moving 
your  IT  organization  forward.  It  requires 
that  you  study  more  intently  and  more 
intensely  than  others  are  willing  to  do. 

Some  have  said  that  the  current  era  re¬ 
quires  a  return  of  IT  architecture,  which  is 
true.  During  the  client/server  era  and  the 
tech  bubble,  we  threw  a  lot  of  servers,  band¬ 
width  and  storage  at  every  problem. 

But  we  need  to  revitalize  data  centers  to  virtualize 
resources  and  provide  far  more  flexibility.  We  need  to 
break  the  bounds  of  monolithic  applications  and 
embrace  the  adaptability  of  Web  services.  We  can't  do 
either  unless  we  have  a  goal  in  mind,  a  road  map  for 
getting  from  here  to  there,  an  architecture  for  the 
structure  we’re  building. 

Want  to  be  an  All-Star?  It’s  not  magic.  Redouble  your 
commitment  to  your  craft.  Remember  what  another 
All-Star,  football’s  Vince  Lombardi,  said:“The  quality  of 
a  person’s  life  is  in  direct  proportion  to  their  commit¬ 
ment  to  excellence,  regardless  of  their  chosen  field  of 
endeavor.”  ■ 


If 
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you’re  any  kind  of  baseball  fan, 
you’re  familiar  with  Ted  Williams, 

Hank  Aaron  and  Brooks  Robinson. 

But  do  you  remember  Mark  Fidrych,  Joe 
Charboneau  or  Bobo  Holloman? 

Williams,  Aaron  and  Robinson  are  among  the 
258  people  —  less  than  2%  of  all  players  and  man¬ 
agers  who  ever  wore  a  uniform  —  to  be  inducted 
into  the  National  Baseball  Hall  of  Fame  in 
Cooperstown,  N.Y  They’re  in  the  pantheon  of  sport’s 
true  All-Stars. 

Fidrych,  Charboneau  and  Holloman  are  something 
else  entirely  They’re  among  the  other  98%  of  players, 
some  of  whom  made  their  mark  on  the  game  . . .  some 
who  did  not.  Not  to  put  too  fine  a  point  on  it,  but  they 
were  flashes  in  the  pan.  One-hit  wonders.  Flavors  of 
the  week  or  month. 

The  quirky  Fidrych  talked  to  the  ball  —  often 
obscenely  —  and  for  one  brilliant  season,  in 
1976,  was  an  unstoppable  pitcher  for  the 
Detroit  Tigers. The  Bird,  as  he  was  known, 
went  19-9  with  a  stingy  earned  run 
average  of  2.34.  He  was  the  toast  of  the 
league,  but  he  quickly  faded  into 
obscurity  In  the  four  subsequent  years  of 
his  short  career,  he  posted  a  combined 
10-10  record  before  quietly  bowing  out. 

In  1980, “Super  Joe”  Charboneau  was  named 
American  League  rookie  of  the  year,  boasting  a 
.289  batting  average  and  nearly  100  runs  batted  in. 

In  the  next  two  years,  he  played  only  70  games  before 
disappearing  from  the  sport.  Holloman  flared  out 
even  faster.  He  was  one  of  a  handful  of  pitchers  to  hurl 
a  no-hitter  in  his  first  major  league  appearance,  but  he 
won  only  two  more  games  that  season  and  —  poof  — 
was  gone. 

What  separates  a  Hank  Aaron  from  a  Bobo 
Holloman? 

That’s  difficult  to  say  —  idiosyncrasies,  injuries,  fate, 
among  other  tilings.  Maybe  Holloman  didn’t  know  how 
to  pace  himself.  R;rhaps  he  angered  the  gods  of  base¬ 
ball  (as  the  Red  Sox  and  Cubs  seemed  to  have  done). 
Maybe  he  just  wasn’t  built  to  last.  Maybe  he  had  only 
one  great  game  in  him. 

It's  easier  to  say  what  unites  the  Hall  of  Famers,  the 
perennial  All-Stars.  They’re  linked  in  their  rigorous 
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A  perfect  gift  for  your  tech  geek 


BY  LINDA  MUSTHALER 

If  you’ve  been  in  the  network 
business  for  any  length  of  time, 
then  the  phrase  “network  analy¬ 
sis"  is  synonymous  with  the  name 
“Laura  Chappell.”  As  founder  of 
the  Protocol  Analysis  Institute, 
Chappell  is  the  industry  expert  on 
packet-level  analysis  and  security 
Her  expertise  is  in  high  demand, 
and  she  cher  client  list  includes: 
High-Technology  Crime  Investiga¬ 
tion  Association,  Institute  for  Net¬ 
work  Professionals,  and  the  U.S. 
Armed  Services. 

Chappell  is  one  of  those  rare 
people  who  really  knows  her  stuff 
and  wants  to  share  it  with  every¬ 
one.  She  has  published  many  sto¬ 
ries,  books  and  video  segments 
that  tell  people  how  to  use  specif¬ 
ic  tools  to  learn  exactly  what  is 
happening  on  their  network. 

Even  if  you  can’t  take  one  of  her 


courses  in  person,  you  have  the 
opportunity  to  learn  from  this  net¬ 
work  authority  through  the  four- 
DVD  set  of  the  “Laura  Chappell 
Master  Library’  It’s  a  great  way  to 
spend  a  rainy  weekend,  better 
than  watching  the  full  set  of  “Star 
Wars”  videos! 

The  Master  Library  is  a  compre¬ 
hensive  collection  of  Chappell’s 
renowned  training  materials.  The 
set  sells  for  $2,000  but  has  a  retail 
value  of  more  than  $7,000  if  you 
were  to  buy  the  course  materials 
separately  Tell  your  boss  to  budget 
the  meager  $2,000  to  give  you 
some  of  the  most  in-depth  train¬ 
ing  you’ll  ever  get  —  it’s  worth  it. 

Volume  1  of  the  set  gives  you 
more  than  35  hours  of  training 
covering  the  following  topics: 

•  TCP/IP  analysis  and  trou¬ 
bleshooting. 

•  Security  at  the  packet  level. 


•  Introduction  to  network 
analysis. 

•  Advanced  network  analysis. 

•  Case  studies. 

•  Protocol  analyzers:  Sniffer, 
EtherPeek,  Ethereal. 

•  Top  tools. 

Volume  2  gets  you  into  interpret¬ 
ing  trace  files.  Chappell’s  training 
includes  more  than  50  narrated 
screen-capture  videos  demon¬ 
strating  unique  situations  dealing 
with  hackers,  spies  and  unusual 
traffic  patterns. 
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When  your  head  stops  spinning 
from  all  that  knowledge,  you  can 
tackle  Volume  3,  which  includes 
eight  electronic  copies  of  books 
written  or  edited  by  Chappell.The 
total  page  count  of  these  books  is 
more  than  1,400  pages,  including 
the  following  titles: 

•  Introduction  to  Network 
Analysis  (Second  Edition). 

•  Advanced  Network  Analysis 
Techniques. 

•  TCP/IP  Analysis  and 
Troubleshooting. 

•  Hands-On  Cisco:  TCP/IP  LAN 
Configurations. 

•  Packet-Filtering:  Catching  the 
Cool  Packets. 

After  that  bit  of  light  reading, 
you’re  ready  to  move  to  the 
hands-on  self-study  labs,  which 
are  also  part  of  Volume  3.Then  it’s 
on  to  Volume  4,  Chappell’s  video 
seminars.  You’ll  get  six  full-length 


video  training  courses  along  witr? 
their  electronic  manuals  on  top¬ 
ics  such  as  Introduction  to  Net¬ 
work  Analysis  and  Network 
Design  and  Data  Paths. 

But  wait,  there’s  more!  Chappell 
throws  some  bonus  material  into 
her  Master  Library  in  the  form  of 
an  introduction  to  wireless  LANs 
by  Keith  Parsons  of  the  Institute 
for  Networking  Professionals. 

The  holidays  are  approaching, 
folks.  Tell  your  friends  and  family 
members  that  you  want  Laura 
Chappell’s  Master  Library  for  your 
gift  this  year.  It’s  enough  to  keep  a 
technical  geek  happy  for  a  year  or 
more. 

Musthaler  is  vice  president  of 
Currid  &  Company,  a  Houston  tech¬ 
nology  consulting  firm.  She  can  be 
reached  at  Linda.Musthaler@cur 
rid.com 
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UltraMatrix™ 

Remote 


KVM  OVER  IP 


MATRIX  KVM  SWITCH  WITH 
INTEGRATED  REMOTE  ACCESS  OVER  IP 


System-wide  connectivity  over  IP  worldwide  and  locally 
Connects  1,000  computers  to  up  to  256  user  stations 
Supports  PC,  Sun,  Apple,  USB,  UNIX,  serial  devices 
High  quality  video  up  to  1280  x  1024 
Secure  encrypted  operation 

View  real-time  video  from  4  computer  connections  with 
quad-screen  mode 


The  UltraMatrix  Remote  represents  the  next  generation  in  KVM  switches  with  IP  access.  It 
provides  a  comprehensive  solution  for  remote  server  access  over  IP  and  local  as  well. 


■  KVM  RACK  DRAWERS  WITH  KVM  SWITCH  OPTION 

RackViews  offer  the  latest,  most  efficient  way  to  organize  and  streamline  your 
server  rooms  and  multiple  computers. 

The  RackView  is  a  rack  mountable  KVM  console  neatly  fitted  in  a  compact  pull-out 
drawer.  This  easy-glide  KVM  drawer  contains  a  high-resolution  TFT/LCD  monitor,  a 
tactile  keyboard,  and  a  high-resolution  touchpad  or  optical  mouse. 


UltraMatrix™  ■  PROFESSIONAL  MULTI-USER  KVM  SWITCH 

E-series  2  -  4  KVM  STATIONS  TO  1 ,000s  OF  COMPUTERS 

KVM  SWITCH  •  PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others) 

•  On-screen  menu  informs  you  of  connection  status  between  unit: 
in  an  expanded  system 

•  Powerful,  expandable,  low  cost 

•  No  need  to  power  down  most  servers  to  install 

•  Security  features  prevent  unauthorized  access 

•  Free  lifetime  upgrade  of  firmware 

|j  •  Video  resolution  up  to  1600  x  1280 

-  •  Available  in  several  models 

•  Easy  to  expand 

The  UltraMatrix  E-Series  represents  the  latest  in  KVM  matrix  switch  technology,  at  an 
affordable  price.  The  E-Series  allows  you  to  connect  up  to  256  user  stations  to  as  many  as 
1,000  computers.  The  UltraMatrix  E-Series  is  available  in  several  sizes:  2x4,  2x8,  2x16, 

4x4,  4x8,  4x16,  1x8,  and  1x16  in  either  PC  or  multi-  platform. 
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question  security  guidelines 


BY  DAVE  KEARNS 

There  were  a  surprisingly  large 
number  of  interesting  comments 
and  insights  that  came  out  of  the 
recent  Digital  ID  World  -  Financial 


Services  conference  in  New  York. 

The  primary  topic  of  conversa¬ 
tion  was  the  recently  promulgated 
guidelines  for  strong  authentica¬ 
tion  for  online  banking  (see  www. 


networkworld.com,  DocFinder: 
9828)  authored  by  the  Federal 
Financial  Institutions  Examin¬ 
ation  Council,  officially  titled 
“Authentication  in  an  Internet 


Banking  Environment.” 

In  a  newsletter  a  couple  of 
week’s  ago  (DocFinder:  9829),  I 
mentioned  how  security  token 
vendors  were  quick  to  point  out 


The  TotalValuePlan  provides  customers  with  the 
following  benefits: 

•  No  overage  penalties  or  bursting  fees. 

•  Rollover  your  unused  dollars. 

•  Buy  as  you  go  with  our  flexible  term  length  contracts. 

Our  business  is  too  percent  customer-centric,  and  we 
encourage  our  customers  to  grow  their  business  and 
be  successful  by  providing  them  with  customer  friendly 
products,  services  and  pricing. 
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Get  more  from 
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Paying  for  Content  Delivery  services 
and  not  getting  the  chance  to  use 
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month.  Plus,  these  customers  cannot  carryover  those 
unused  services  from  one  month  to  the  next.  That  is, 
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that  their  products  were  just  the 
thing  to  satisfy  the  guidelines.  But 
as  was  pointed  out  by  Forrester 
Research  Analyst  Jonathan  Penn 
and  Michael  Barrett,  vice  presi¬ 
dent,  Security  Strategy  and  Archi¬ 
tecture  for  American  Express  and 
the  former  president  of  Liberty 
Alliance,  the  guidelines  not  only 
fail  to  specify  using  tokens  as  a 
second  authentication  factor, 
they  also  don’t  mandate  using 
multiple  factors.  Multi-factor  aut¬ 
hentication  is  strongly  suggested, 
but  only  for  those  transactions 
deemed  significant.  Instead,  the 
whole  thrust  of  the  guidelines  is 
that  banks  should  consider  how 
to  mitigate  any  risks  that  are  in¬ 
volved  in  how  they  handle  online 
authentication  and  presentation 
of  data. 

One  speaker  at  Digital  ID  World 
even  pointed  out  that  multi-factor 
authentication  isn’t  the  same  as 
multi-mode  authentication,  where 
“mode”  refers  to  the  traditional 
three  methods:  something  you 
know  (password),  something  you 
have  (token)  or  something  you 
are  (biometric).  IP  address  or  geo¬ 
location  could  also  be  a  factor. 

Another  speaker  raised  the 
specter  of  users  with  multiple  on¬ 
line  accounts  having  to  wear  a 
necklace  to  hold  all  of  the  key 
chain  type  tokens  that  companies 
such  as  RSA  Security  and  Vasco 
are  promoting  for  institutions  to 
issue  to  satisfy  the  guidelines. 

While  digesting  all  of  that,  keep 
in  mind  a  simile  that  another 
attendee  told  me  about.  We  were 
talking  about  the  benefits  of  build¬ 
ing  in  authentication  security 
from  within  an  application  as 
opposed  to  adding  it  on  as  a  wrap¬ 
per  or  a  totally  different  app. “Add¬ 
on  security,”  she  said,  “is  like 
putting  a  padlock  on  a  split  rail 
fence.  It  keeps  the  cows  in,  but  it 
doesn’t  keep  the  rustlers  out.” 

Kearns  is  a  writer  and  consultant 
in  Silicon  Valley.  He  can  be  reached 
at  info@vquill.com. 
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E-MAIL  NEWSLETTER  SHOWCASE:  NEW  DATA  CENTER  STRATEGIES 

Connecting  real  estate  to  cyberspace 


BY  ANDREAS  ANTONOPOULOS 

Convergence  has  had  a  signifi¬ 
cant  impact  on  enterprise  net¬ 
works  and  data  centers,  with 
voice  and  video  and  data  fre¬ 
quently  carried  on  the  same  IP 
network.  But  one  aspect  of  the 
data  center  that  is  lagging  in  “con¬ 
nectivity”  is  the  facility  itself. 

A  data  center  is  more  than  a  col¬ 
lection  of  computers  and  network 
gear.  It  is  a  controlled  environ¬ 
ment  with  sophisticated  tempera¬ 
ture  and  humidity  controls.  Un¬ 
interruptible  circuits  with  standby 
batteries  in  case  of  a  power  failure 
provide  enormous  amounts  of 
power.  Physical-access  control 
through  biometrics  and  security 
monitoring  through  cameras  and 
sensors  provide  a  blanket  of  pro¬ 
tection  against  unauthorized  ac¬ 
cess.  Fire-suppression  systems  and 
various  other  mechanical  systems 
are  also  part  of  this  unnoticed 
infrastructure. 

Yet  today  none  of  these  systems 
are  connected  to  the  network. 
There  are  many  reasons  why  data 
center  facilities  should  be  as 
“wired”  into  the  network  as  the 
computers. 

Most  data  center  managers  can 
pull  up  a  facilities  report  and  find 
how  much  they  spend  on  elec¬ 
tricity  each  month.  But  they 
would  find  it  hard  to  determine 
which  parts  of  the  data  center 
consumes  the  most  power,  or  how 
power  consumption  fluctuates. 
Network  management  systems 
provide  an  overview  of  the  com¬ 
puters  and  network  elements  in 
the  infrastructure.  Looking  at  a 
logical  diagram  of  the  data  center, 
operations  managers  can  see 
failed  systems  blinking  red  and 
quickly  identify  the  source  of  a 
problem. Overlaying  security  cam¬ 
eras,  fire  controls,  sensors,  electri¬ 
cal  supplies  and  cooling  systems 
over  such  a  diagram  would  give 
the  data  center  manager  an  over¬ 
view  of  the  facility. 

Companies  are  combining  re¬ 
search  in  intelligent  buildings 
with  new  mesh  network  technolo- 
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gies  such  as  Zigbee  to  build  intel¬ 
ligent  data  centers.  Vendors  such 
as  HPwith  its  Intelligent  Building 
initiative  and  Cisco,  with  Con¬ 
nected  Real  Estate,  are  gradually 
bringing  this  vision  into  reality 


While  many  data  center  facilities 
controls  have  been  automated, 
the  convergence  of  IP  and  build¬ 
ing  automation  will  bring  further 
benefits.  Data  center  managers 
can  integrate  building  manage¬ 


ment  into  their  network  and  sys¬ 
tems  management  software  by 
converging  all  this  information  on 
a  common  IP  network.This  will  in¬ 
crease  the  coordination  of  re¬ 
sources  in  the  data  center.  It’s  time 


to  re-examine  building  facilities 

Antonopoulos  is  principal  re¬ 
search  analyst  at  Nemertes  Re¬ 
search.  He  can  be  reached  at 
andreas@nemertes.  com. 
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Current  sniffer  can't  keep  up? 


Clear  out  problems  with  Observer  1 1 .  Now  with  enterprise  strength  VoIP  analysis.  New  features  include  an  enhanced 
VoIP  Expert,  Quality  Scoring,  Call  Detail  Records,  MultiHop  Analysis,  and  64-bit  Windows  support.  It's  time  to  reset  your  analyzer. 
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Avoid  in-rush  current  overload 

Outlets  are  turned  on  sequentially 

Manage  power  via  Network  Interfaces 
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individual  receptacles  upon  start  up. 


Enter  to  WIN  a  FREE  APC  Rack  PDU  today. 

Visit  http://promo.apc.com  Key  Code  f897x  •  Call  888-289-APCC  x6794  •  Fax  401-788-2797 

©2005  Ccwskwi  Corporation  All  Trademarks  are  the  property  of  their  owners  E-mail  esupport@a<*c  com  •  1 32  Fairgrounds  Road.  West  Kingston.  Rl  02892  USA 


APC's  advanced  power  distribution  units 
distribute,  monitor  and  remotely  control 
power  in  rack  enclosures. 

Now  you  can  remotely  control  power  to 
individual  outlets  and  monitor  aggregate 
power  consumption  via  local  and  remote 
displays.  Access,  configure  and  control  the 
APC  Switched  Rack  PDU  through  Web, 
SNMP  or  Telnet  interfaces. 

From  basic  power  distribution  to  controllable 
outlets,  APC  has  solutions  up  to  14.4  kW  to 
fit  your  IT  environment  needs.  See  our  entire 
line  of  rack  PDUs  online  at  www.apc.com. 


Every  product  carrying  this  mark  has  been 

TM 

tested  and  certified  for  use  with  InfraStruXure 
architecture.  Before  you  buy,  check  for  the  X  to 
guarantee  product  compatibility. 


With  over  15  million 
satisfied  customers, 
APC's  Legendary  Reliability™ 
guarantees  peace  of  mind. 


Legendary  Reliability* 


M4A05EP-US 


maybe  it’s  time 
you  look  at 

AdaptiveKVM” 

When  servers  are  down  or  inaccessible,  you  need 
fast  and  reliable  out-of-band  access  and  control. 

Cyclades  AdaptiveKVM™  (patent  pending)  is  the  industry’s  first 
integrated  solution  that  combines  KVM  over  IP  and  Microsoft® 
Remote  Desktop  Protocol  (RDP)  technology  in  a  single 
appliance.  By  using  KVM  over  IP  combined  with  RDP, 
AdaptiveKVM  provides  continuous  access  for  remote  server 
management. 


Next-Generation  KVM  Solution 


_ AlterPath™  KVM/netPlus 

Download  a  FREE  White  Paper  on  AdaptiveKVM 

www.cyclades.com/akvm 


* 


www.cyclades.com/nw 

1.888.cyclades  •  saies@cyclades.com 


cyclades 
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Centrally  Discover,  Support  and 
Manage  your  Systems.  Anywhere. 


Do  you  know  where  your  oldest  computer  is?  Need  to  locate  and  upgrade  your 
Windows  98  systems?  Are  you  overpaying  on  unused  software  licenses?  Which 
employees  are  spending  the  most  time  surfing  the  web?  Find  out  fast  with 
NetSupport  DNA. 


Managing  your  company's  IT  assets  means  more  than  just  selection  and 
maintenance.  Reporting,  inventory,  deployment  and  forecasting  are  also  part  of  the 
job.  NetSupport  DNA  is  an  easy  to  use  IT  asset  management  solution  that  provides 
you  with  the  tools  you  need  to  get  to  know  your  network. 


Unlike  other  solutions,  NetSupport  DNA  does  not  require  certified  training  or  have  a 
complex  implementation  path.  It  offers  all  of  the  functionality  you'd  expect  from  an 
award  winning  asset  management  suite,  but  with  only  a  30  minute  implementation 
path. 

NetSupport  DNA  combines  powerful  hardware  and  software  inventory  with  software 
distribution,  application  and  internet  metering,  pc  remote  control,  enterprise 
reporting  and  a  web-based  help  desk  solution. 


NtTSUPPORT 

DNAva 

NptSuppj^rt- 


iat's  on  your 

Metwork? 


Find  out  with  NetSupport... 


Visit  www.netsupport-inc.com  and  download  a  full  trial  license  today. 


Sales:  1-888-665-0808 


And  in  30  minutes  start  viewing  your  vital  Asset  Information. 


www.netsupport-inc.com 


How  Do  You  Distribute 
Power  in  Your  Data 
Center  Cabinet? 
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With  Sentry !  LJ  IBHH 

COU  Product  Family:  Metered,  Smart  &  Switched 
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Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 

The  Sentry  CDU  distributes  power  for  Blade 
servers  or  up  to  42  dual-power  1U  servers 
in  one  enclosure.  Single  or  3-phase  input 
with  110VAC,  208VAC  or  mixed  110/208VAC 
single-phase  outlet  receptacles. 

Metered  CDU 

>  Local  input  Current  Monitoring 
Smart  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power  Temperatures 
and  Humidity 

Switched  CDU 

>  Local  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power,  Temperatures 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /  Off  /  Reboot 


Server  Technology,  Inc. 
1040  Sandhill  Drive 
Reno,  NV  89521 
USA 


.  ■  Inc  sentry  is  3  trademark  of  Server  Technology.  Inc. 


toll  free +1.800.835.1515 
tel  +1.775.284.2000 
fax  +1.775.284.2065 

www.servertech.com 

sales@servertech.com 


This  little  thing 
KX  butt! 


All  the  power  of  our  Dominion®  KX  packed  into  a  smaller,  incredibly  versatile  form  factor. 

•  Deploy  them  by  the  hundreds,  even  in  dispersed  locations. 

•  Manage  them  all  centrally  through  a  single  IP  address. 

•  Get  to  them  all  without  the  access  limitations  of  a  KVM  switch. 

Visit  us  online  to  learn  more  about  switchless  KVM  and  the  future  of  infrastructure  management. 


www.  KX  butt.com 


^Raritan 


When  you're  ready  to  take  control. 


Actual  Size 


!/\ 


Introducing  the  next 
generation  of  KVM 

The  Dominion  KX101 


©  2005  Raritan  Computer.  Inc.  Raritan  and  Dominion  are  registered  trademarks  of  Raritan  Computer.  Inc. 
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€onlp@i  Power  on  Any  AC 
Powered  Device ... 

Via  Web  Browser,  Telnet, 
Modem  or  Local  Terminal 


Servers,  routers,  and  other  electronic  equipment  occasionally 
“lock-up”,  often  requiring  a  service  call  to  a  remote  site  just  to 
flip  the  power  switch  to  perform  a  simple  reboot.  With  WTI’s 
Remote  Power  Switches,  you  can  perform  reboot  and  On/Off 
control  from  anywhere! 

(v)  Web  Browser  Access  for  Easy  Setup  and 
Operation 

(v)  Encrypted  Password  Security 

(|7)  Dual  15  Amp  Power  Circuits 
Total  30  Amps  Maximum  Load 

(v)  115  VAC  and  230  VAC  Models 
(v)  Up  to  Sixteen  (16)  Individual  Outlets 
©  RS232  Modem  /  Console  Port 
©  Network  Security  Features 
©  Power-Up  Sequencing 


Web  Browser  Interface 


Jk  tm  l«v  u«» 

QnflkB 

REMOTE  POWER  SWITCH 

LOCATION:  wi* I  J.V.  I tUJ*A. 


tfQ'l  I  *»yl  *»*l 


Yes,  We  are  Customer  Friendly!  ips-i  600 


/  Two  Year  Warranty 
/  We  Stock  for  Same  Day  Shipment 
/  30  Day  Return  Policy 

./  Call  or  Email  for  an  Online  Demo 


Dual 

Power 

Inputs 


nmnsrw 


western  telematic  incorporated 

5  Sterling  «  Irvine  •  California  •  92618-2517 


Model 

NBB-1600 

www.wti.com 

(800)  854-7226 


MONITOR  SERVER  ROOM 

THREATS! 


Band 


Terminal  server  vendors,  who  proclaim  that 
they  have  Secure  Out  Of  Band  products,  rely 
on  RADIUS,  TACACS+  and  other  in  band 
protocols  to  provide  security.  By  inference, 
they  imply  they  secure  out  of  band  access 
when,  in  fact,  they  offer  only  network  security, 
which  conflicts  with  out  of  band  access. 

A  true  Secure  But  of  Band  Management 
solution  should  provide  strong  security  without 
reliance  upon  network  based  protocols. 


* 


CDI  offers: 

p-*  Hardware  encryption  over  dial-up 
and  network  connections 
r"-*  RSA  certified  SecurlD  authentication 
without  a  network. 
r1-*  Patented  central  management  of  all 
remote  devices 


Full  NIST,  FIPS  140-2  certifications 

Remote  Power  control 

Homologous  world-wide  approved 
internal  modems 


CDI  has  been  building  encryption  equipment  lor  over  lifteen  years.  Our  customers  and  partners  include 
major  financial  institutions,  government  agencies,  major  telcos,  utilities,  and  the  United  States  military 


Communication  Devices  Inc. 
www.outofbandmanagement.com 


ENVIROMUX-MINI 


•  Monitor  threats  such  as  temperature,  humidity 
and  water  leaks 

•  Be  notified  via  email,  SNMP  traps,  web-page 
alerts  and  a  visual  indicator 

•  Low  cost  and  compact  size  system 

Receive  a  FREE  1 0  ft.  Temperature  Sensor  when 
you  purchase  an  ENVIROMUX-MINI  by  12/31/05. 
Call  800-742-8324  and  mention  reference  code  ENV-NW. 


NETWORK 

TECHNOLOGIES 


5^55  INCORPORATED 


Visit:  www.ntil  .com/nw.html 
Email:  sales@ntigo.com 
Call:  800-742-8324 


Aluminum  Cabinets  provide  protection  against  dust,  moisture,  and  EMI 

The  new  Form  4  range  of  rugged  aluminum  cabinets  from 
Optima  EPS  has  been  designed  to  provide  reliable  protec¬ 
tion  to  UL-508  Type  1 2  specifications,  as  well  as  offering 
options  for  up  to  1  OOdB  of  EMI  attenuation.  The  cabinets 
are  easily  customized  to  suit  the  required  height,  depth, 
and  width,  including  19" and  24"  widths 

The  combination  of  Nema  1 2  protection  and  RFI  shielding 
in  a  low  weight  cabinet  makes  the  Form  4  cabinet  suit¬ 
able  for  a  wide  range  of  applications,  such  as  computer 
simulation,  test  and  measurement,  industrial  control,  and 
computer  storage  installation.  For  maximum  flexibility,  the 
reinforced  doors  are  field-reversible  and  open  122  degrees 
for  access,  with  concealed  hinges  and  multipoint  locking 
for  security  and  clean  lines. 


We  deliver  customized  19-inch 
cabinets  in  just  2  weeks 

Every  electronic  system  is  different,  so 
its  not  surprising  that  standard  1 9-inch 
cabinets  don't  always  offer  the  ideal  system 
packaging.  That's  why  Optima  has  intro¬ 
duced  the  Custom  Cabinet  14  service: 
customized  cabinets  delivered  to  your  door 
in  just  14  days. 

You  decide  where  you  want  the  holes  and  handles.  How  many  shelves  you  need.  Where 
the  doors  should  be.  And  what  accessories  you  want.  Then  we  put  it  together  -  fast. 

So,  with  the  Optima  EPS  Custom  Cabinet  14  service,  you  don't  have  to  keep  space 
hungry,  expensive  inventory,  because  your  ideal  cabinet  is  just  2  weeks  away. 


Wall-mount 
swing  frame 
suits  both 
electrical 
wiring  and 
19"  electronic 
equipment 

applications. 

Optima  EPS 
announces 
the  launch  of  a 
versatile  range 
of  wall-mount  swing  frame  cabinets,  designed  to 
suit  both  electrical  wiring  and  electronics  applica¬ 
tions.  Locks  to  the  rugged  front  and  rear  doors 
permit  the  whole  frame  to  clear  the  wall  to  sim¬ 
plify  installation  and  maintenance  for  electrical 
contractors  and  manufacturing,  instrumentation, 
and  automation  applications.  The  Frame  is  de¬ 
signed  to  accept  standard  1 9"  racks  and  fittings, 
as  well  as  electrical  components,  and  is  available 
in  a  range  of  colors  and  six  standard  sizes  from 
23"  x  14"  to  48"  x  20". 


Cabinet  Passes  NEBS  Level  4 

This  range  of  19"  and  24"  wide  cabinets  use 
welded  aluminum  construction  to  provide 
lower  weight  NEBS  compliance  for  seismic 
regions.  Heavy-duty-aluminum  extrusions 
are  combined  with  seven-guage  steel  base  to 
provide  a  rugged  floor-mounting  design  able 
to  resist  shock,  bending  and  vibration  stresses. 
The  cabinets  are  designed  for  deployment  in 
earthquake-prone  areas  to  Zone  4,  and  comply 
with  BelcoreTR-63/ANSI-329,  suiting  appli¬ 
cations  in  defence,  rack-mount  computers, 
manufacturing,  and  telecom. 


If  we  can  do  this  then  your  server  application 
is  safe  with  us! 


NEBS  Compliant  Seismic  Cabinet 

Optima's  rugged  design  is  the  earthquake  and  vibration  resilient 
foundation  you  need  to  securely  protect  and  support  your  equip¬ 
ment.  Our  knowledge  and  design  experience  has  enabled  us 
to  manufacture  over  5000  seismic  hardened  cabinets  which  are 
installed  in  Zone  4,  NEBS  Compliant  infrastructures  worldwide! 

Our  vast  product  range  and  our  ability  to  customize  cabinets, 
consoles,  and  instrument  cases  make  optima  the  ideal  choice  for 
all  your  enclosure  needs. 

Visit  us  at  www.optimaeps.com  to  find  out  more 
or  call  us  today  on  770-496-4000 


Custom 

Commercial 

Telecom 

Seismic 

EMC 

Desk  Systems 
Instrument  Cases 
Accessories 


Optima  EPS 


Cabinet!;  &  Enclosures 

An  ELM  A  Company 
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MASERGY  congratulates 

Bigari  Foods  I  Technovate 

(McDonald’s) 


for  their  selection  as  a 


S83B  Network  World  All-Star 

for  Convergence  in 
Retail  Services 


MASERGY  is  a  leading  provider  of  converged 
global  wide-area  networks,  specializing  in 
VoIP  and  IP  Video  application  performance. 
We  deliver  industry-leading  network  services 
to  hundreds  of  enterprises  around  the  globe 
every  day.  If  you  want  to  experience  award¬ 
winning  services  on  your  corporate  network, 
call  us  at  800-MASERGY,  or  visit  our  website 
at  www.masergy.com. 


Beat  Your  Budgets  With  A  Leas 

(or  ADD  to  existing  leases!) 


NO  CHARGE  for  3D  drawings  of  your 
room/site.  We  just  need  the  dimensions 
of  the  room  along  with  an  equipment  list. 

QUICK  SHIP  We  ship  within  5  business 
days  of  order  receipt. 

We  accept  VISA,  Mastercard,  and  American  Express 

For  specs,  please  check  out  our  website: 

The  Salix  Group  #1.800.668.9319  •  www.salixgroup.com  j 

G.S.A  Approved  (GS29F0269H)  Standing  offer  -  E60PS-0-0035/003/PS 


ftetworkTAPs.e 


TAP  into  Performance 

Monitor  mission-critical  links  with  the 
latest  technology  through  new  nTAPs 


Stop  jeopardizing  network  performance  and  risking  costly  downtime.  Be  confident  you 
have  maximum  visibility  into  your  full-duplex  links  by  configuring  an  nTAP  solution  that 
fits  your  network  and  budget.  Visit  www.networkTAPs.com/visibility  today. 


Ethernet  Copper  nTAP 

For  copper-to-copper  connections 
Choose  your  speed: 

10/100 . . . $395 

10/100/1000 . $995 


10/1 00/1 000  Conversion  nTAP 

Copper  input  with  copper  or 
fiber  output  options 
Choose  your  analysis  output: 


SX . $1,495 

LX . $1,495 


Optical  Fiber  nTAP 

Multiple  split  ratios 
Choose  your  port  density: 

Single  channel .  . $395 

Four  channel .  . $1,795 

Six  channel . $2,395 


^arn  more  about  how  nTAPs  can  boost  your  network  visibility  and  which  configuration  option 
is  best  for  you,  go  to  www.networkTAPs.com/visibility  or  call  866-GET -nTAP  today. 

Free  overnight  delivery.* 


FC 


free  overnight  delivery  on  all  U5.  orders  over  $300.00  confirmed  before  12  pm  CST. 

*tAP and  the  ntAP  I090  *t  tndemaits  or  tc^stmd  tiademarks  of  Nrtworfc  taswwentUtC. 


i^TAP 


Climate  Monitor 

$399 


Heat 

Humidity 

Air  Flow 

Sound 

Doors 

Power 

Camera 


(512)257-1462  ITWatchdogs 


1.408.727.1122 

mrnmmsMtt 

info@recurrent.com 

UJeCCS^R^jt 

3431  De  La  Cruz  Blvd.  Santa  Clara,  CA  95054  - 
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BACKSPIN 


Mark  Gibbs 


Our  third  annual  Golden  Turkey  Awards 


Thank  you  ladies  and 
gentlemen,  thank  you 
very  much.  [Riotous 
applause.]  No, you’re  too 
kind,  too  kind.  Oh  stop  it. 

[.Applause  slowly  dies.] 

Welcome  to  the  Gibbs  Institute's  Third  Annual  Thanks¬ 
giving  Golden  Turkey  Awards.  It  seems  like  no  time  at  all 
since  our  last  awards,  but  there  you  go.  Time  flies  when 
you’re  having  fun!  [Uproarious  laughter.] 

Seriously  though  folks,  2005  has  been  a  great  year  for 
Golden  Gobblers,  which  is  to  say  those  individuals,  com¬ 
panies  or  entities  that  don’t,  won’t  or  can’t  come  to  grips 
with  reality,  maturity  ethical  behavior  or  social  responsibil¬ 
ity  because  of  their  blindness, self-imposed  ignorance, 
thinly  veiled  political  agenda,  rapaciousness  and  greed,  or 
blatant  desire  to  return  us  to  the  Dark  Ages. 

Our  contenders  last  year  were  a  varied  lot  of  miscreants, 
buffoons  and  stooges,  and  after  you  pondered  long  and 
hard, you  voted  The  Santa  Cruz  Operation  and  Microsoft 
as  Top  Turkeys. 

Much  to  our  surprise  neither  Dari  McBride  nor  Steve 
Balmer  got  in  touch  to  claim  their  rewards.  [Appreciative 
chuckle.] 

So  who  are  we  going  to  put  on  the  rack  this  year? 
Contender  No.  1:  SBC  (see  www.networkworld.com, 
DocFinder:  9846).  I  wrote  about  switching  from  a  static  to 


a  dynamic  IP  connection,  and  then  adding  Vonage.  My  ser¬ 
vice  quality  took  a  nose  dive  and  my  blood  pressure  went 
dangerously  high  after  dealing  with  tech  support.  From  let¬ 
ters  you  sent  in  it  seems  I’m  not  alone. 

Contender  No.  2:  VoIP  for  consumers  (DocFinder:  9847). 
At  first  blush  consumer-grade  VoIP  appears  to  be  a  great 
idea,  but  the  reality  is  without  broadband  providers  (such 
as  SBC)  ensuring  QoS,  the  call  quality  will  often  be  poor 
and  problem  resolution  a  nightmare.  Until  someone  fig¬ 
ures  out  how  to  make  consumer-grade  VoIP  as  reliable  as 
plain  old  telephone  service  lines,  only  the  geeks  will  be 
interested. 

Contender  No.  3:  The  Social  Security  Administration 
(DocFinder:  9848),  which  killed  off  my  mother-in-law.  She’s 
still  waiting  to  see  if  she’s  really  dead. 

Contender  No.  4:  Apple  (DocFinder:  9849).  A  few 
months  ago  I  got  my  first  new  Mac  in  more  than  10  years 
—  a  really  cool  twin-processor  G5  with  1.5G  bytes  of 
RAM,  and  I  was  a  believer  that  Apple  knew  how  to  do 
computers  right.  I  discovered  1  was  wrong. 

OS  X  is  great  but  Apple’s  flagship  productivi¬ 
ty  suite,  iLife,  is  about  as  robust  as  a  ham¬ 
mer  made  of  jello.  I  can  now  crash  iPhoto 
in  at  least  three  repeatable  ways.  Sad. 

Contender  No.  5:  Rock  Star  Games 
(DocFinder:  9850),  for  the  poorly  hidden 
sex  scene  in  “Grand  Theft  Auto:  San 


ft 


I  Cast  your  vote  for 
the  Golden  Gobbler 
online  at  www.network 
world.com,  DocFinder: 
9860. 


Andreas.”  How  dumb  can  your  engineers,  management 
and  PR  machine  be? 

Contender  No.  6:  Cisco  (DocFinder:  9851).  On  the  Gibbs 
Institute  Snafu-o-meter,  Cisco  went  off  the  scale  over  the 
Michael  Lynn  case,  wherein  Cisco  tried  to  use  security  by 
obscurity  combined  with  security  by  a  lot  of  lawyers  to 
suppress  a  presentation  of  a  potentially  dangerous  exploit 
in  IOS,  Cisco’s  router  operating  system.The  fact  that 
another  major  flaw  was  found  in  IOS  and  made  immedi¬ 
ately  public  just  a  few  weeks  later  was  ironic. 

Contender  No.  7:  The  Federal  Emergency  Management 
Agency  (DocFinder:  9852). The  Internet  Explorer-only  aid 
assistance  application  fiasco  was  so  amazingly  dumb  that 
it  defied  belief. 

Contender  No.  8:  Sony  BMG  (DocFinder:  9853).  A  com¬ 
pany  whose  digital  rights  management  (DRM)  software  is 
as  welcome  as  a  chicken  with  a  cough. This  contender  is 
an  obvious  hot  favorite  for  an  award  given  the  current 
brouhaha  over  its  ridiculous  and  ill-considered  DRM 
deployment. 

®  That’s  our  lineup  for  this  year  [Applause] , 
but  please  feel  free  to  nominate  your  own 
favorite  birds. 


Send  feedback  to  backspin@gibbs.com  and 
check  Gibbsblog  ( www.networkworld.com/ 
weblogs/gibbs  blog/). 


News,  insights  and  oddities 


Time  is  money:  Here’s  one  way  to  get  paid 


Paul  McNamara 


A  recent  column  about  paying  for  online  content  —  and 
stubborn  opposition  to  same  —  prompted  a  reply  from 
Lance  Walley,  co-founder  of  a  company  called 
FaceBridge  Research. 

"Maybe  I'm  weird,  but  I’m  amazed  at  how  many  people  think  anything,  really,  should 
be  free,"  Walley  writes.  “Nothing  is  produced  for  free,  at  least  not  with  any  regularity.” 

Walley's  not  weird  and  his  point  isn’t  an  academic  one:  FaceBridge  is  pushing  tech¬ 
nology  that  promises  to  let  anyone  easily  charge  a  per- minute  fee  for  one-to-one,  voice 
and  video  access  to  themselves  over  a  VoIP  or  instant-messaging  network.  The  first 
iteration  runs  atop  Apple’s  iChat  AV  with  plans  afoot  to  support  Skype  and  Windows 
AIM.  One-to-many  capabilities  are  also  on  the  drawing  board. 

"We  see  our  technology  as  a  natural  for  almost  any  professional  who’s  paid  by  time 
but  who  has  to  invoice  separately  today,”  Walley  says,  citing  lawyers,  computer  techni¬ 
cians  and  “life  coaches"  as  examples.  "Automatic  record-keeping,  billing  and  payment 
for  that  12-minute  phone  call  has  to  be  better  and  more  efficient  than  current  sys¬ 
tems." 

If  you  want  to  check  out  an  example  of  the  technology,  visit  www.flavor  sofa, 
com,  where  a  growing  collection  of  content  providers  are  making  their  services 

available. 

The  concept  sounds  enticing,  but  it  is  the  potential  of  extending  the  model  from  one- 
‘o-one  to  one-to-many  communications  that  has  Walley  most  excited. 

Pay  Per  View  is  something  everyone  understands,  but  it's  currently  reserved  for  the 
vv  special  and  the  very  rich,"  Walley  says.  "If  you're  a  small  garage  band  with  500 
r.  in  L.A.,  you  can't  possibly  do  a  PPV  via  Comcast.  But  what  if  you  could  set  up 
y  Webcam  and  broadcast  over  ‘xyz’ IM/VolP  network  and  charge  your  fans?  And 

tbft  .o.i'd  be  done  even  if  you’re  doing  a  live  performance  somewhere _ Now,  before 

you  think  this  particular  app  is  oddball,  just  ponder  the  following  words:  iTunes/iPod, 
MySpace,  Murdoch.  Music  grabs  people.” 

T!e  FaceBridge  concept  is  by  no  means  fully  baked. 


First  of  all,  the  initial  focus  on  Macintosh,  however  defensible  from  a  technology 
standpoint,  does  prevent  a  sizable  portion  of  the  company's  potential  audience  from 
participating  in  the  test  drive.The  founders  promise  that  the  version  for  Skype  and 
Windows  AIM  will  not  be  far  behind. 

Potentially  more  problematic  is  the  matter  of  processing  credit-card  payments  on  the 
back  end,  an  extraordinarily  expensive  proposition,  especially  fora  fledgling  company. 
To  recoup  those  costs,  FaceBridge  generally  takes  a  25%  cut  of  the  fees  paid  to  those 
offering  services  on  Flavorsofa.com.The  goal  is  to  knock  that  down  to  5%  or  replace 
the  cut  with  a  nominal  connection  fee. 

Finally,  there's  the  seemingly  obvious  question  about  a  certain  kind  of  service  — 
nudge-nudge,  wink-wink  —  that  might  find  its  way  onto  a  one-on-one  video  network. 

"Everybody  immediately  associates  us  with  porn,"  acknowledgesTom  Mornini,  co¬ 
founder  of  FaceBridge. 

While  FaceBridge  has  no  desire  to  referee  what  happens  in  the  privacy  of  its  cus¬ 
tomers' Web  browsers,  it's  clear  that  the  company  has  a  larger  purpose  in  mind  for  its 
patents.  And  besides,  the  porn  industry  has  done  quite  well  billing  customers  without 
the  help  of  these  guys. 

Fast  start  for  TimesSelect 

While  on  the  subject  of  paid  content,  get  a  load  of  the  early  returns  regarding  The 
New  York  Times'  closely  watched  TimesSelect  offering:  about  135,000  individuals  have 
ponied  up  $8  a  month  or  $50  a  year  to  gain  online  access  to  the  paper’s  lineup  of 
columnists  and  other  goodies.  Because  the  company  did  not  provide  a  breakdown  of 
those  subscription  options,  we  cannot  tally  the  revenue  precisely,  but  suffice  to  say 
we’re  talking  millions.  Not  bad  for  less  than  two  months  into  an  experiment  that  critics 
have  had  great  sport  ridiculing. 

Sending  e-mail  to  me  remains  free.  Same  goes  for  my  replies.  The  address  is 
buzz@nww.com. 
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